Government departments have been ordered to stop using Kaspersky, Barclays has stopped offering Kaspersky to new customers: should you stop using Kaspersky anti-virus software too? Nyet. At least, not for the time being.
Kaspersky stands accused of using its security software to pass information to the Russian government – something the company vigorously denies. This bandwagon started rolling in the summer, when US government departments were ordered to stop using Kaspersky software.
The British government followed suit last week, ordering all departments not to use Kaspersky on systems related to national security. Now, it emerges that Barclays has stopped offering Kaspersky anti-virus to its customers, “following the information that’s been shared in the news”.
What has Kaspersky done wrong?
The difficult bit to understand is what exactly Kaspersky has been accused of. It seems there’s no hard evidence that Kaspersky is secretly passing customers’ data back to the Kremlin. The only reason given publicly for sticking Kaspersky on the blacklist is that the company is Russian.
According to the BBC report on the British government ban, officials at the National Cyber Security Centre said the decision was based on a “risk analysis, rather than evidence that such espionage has already taken place”. It’s government-level racial profiling.
There is, on the other hand, no disputing Kaspersky’s links with the Russian security services. The company’s bombastic founder, Eugene Kaspersky, spent five years within the Technical Faculty of the KGB Higher School, a finishing school for Russian intelligence officers. He went on to work for the Soviet military intelligence service as a software engineer, which is where he developed his anti-virus cracking skills. In 1991, he left the military to set up the security firm.
Kaspersky has always robustly denied any links with his private security firm and the Russian government, dismissing the claims as “conspiracy theories”. Only last week, when asked about links to the Kremlin by the BBC, Kaspersky responded that “it’s not true that the Russian state has access to the data”.
“There are no facts about that,” he added.
There does indeed seem to be plenty of smoke, but a distinct absence of fire.
That said, Kaspersky himself does sometimes have a casual regard for the truth. In 2010, I interviewed him for PC Pro, when he came into our offices in London and launched into an unprompted tirade against Microsoft, accusing the company of putting security at “priority 20 or 30”. A couple of days later, Kaspersky issued a statement on his company’s website, denying he’d ever made such claims.
Time to uninstall Kaspersky anti-virus?
So, what should you do if you’re running Kaspersky on your home or office PCs? Unless you’re freelancing for MI5, not a lot. Kaspersky Internet Security is an excellent piece of software, scoring five stars in PC Pro’s recent Labs test of anti-virus software and achieving an almost perfect detection rate of 99.7% in AV-Comparatives’ tests. No piece of security software is infallible, but Kaspersky comes pretty close.
And while the government may be making its own risk assessment by kicking out Kaspersky’s software, you should make your own. Even if (and it’s a massive ‘if’) Kaspersky is somehow passing data to the Kremlin, are they really going to be interested in your Amazon shopping emails and holiday snaps from Crete? Until hard evidence emerges, I’d carry on, comrades.
Read this next: Are you an idiot for paying a ransomware fee?