German federal cybersecurity agency BSI has warned its citizens against using antivirus products from Russian-based Kaspersky Lab. The security agency has issued a statement today saying that the Kaspersky antivirus software could be exploited in launching cyberattacks amid Russia’s ongoing war in Ukraine.
The advisory did not accuse Kaspersky Lab of any specific security violations, but it warned that certain organizations and authorities could be particularly vulnerable. The German security agency is now recommending companies to replace the Kaspersky antivirus solution with alternative products non-Russian software vendors.
“The actions of military and/or intelligence forces in Russia and the threats made by Russia against the EU , NATO and the Federal Republic of Germany in the course of the current military conflict are associated with a considerable risk of a successful IT attack. A Russian IT manufacturer can carry out offensive operations itself, be forced to attack target systems against its will, or be spied on without its knowledge as a victim of a cyber operation, or be misused as a tool for attacks against its own customers,” BSI explained in a press release.
Kaspersky says this decision is based on political grounds
In a statement shared with Bleeping Computer, a Kaspersky spokesperson explained that it believes this warning has been issued on political grounds and isn’t based on a detailed technical analysis of its antivirus software.
“We will continue to assure our partners and customers in the quality and integrity of our products, and we will be working with the BSI for clarification on its decision and for the means to address its and other regulators’ concerns,” Kaspersky said. “Kaspersky is a private global cybersecurity company and, as a private company, does not have any ties to the Russian or any other government.”
It remains to be seen how Kaspersky will address the new security concerns, which could give other antivirus vendors an incentive to attract more enterprise customers. Kaspersky received a fair share of criticism when the Trump administration banned Kaspersky software in all government departments in 2017. The U.S. government claimed that Kaspersky Lab worked on secret projects with Russian Intelligence agencies, but the company denied all the accusations.
Do you use Kaspersky antivirus products in your organization? Let us know in the comments below.