Is Russian based Kaspersky Anti-virus a threat?

The importance of secure Anti-virus

A good strong anti-virus is vital in protecting against modern day threats including ransomware (such as the high profile CryptoLocker and Wannacry viruses) and also to prevent the exploitation of vulnerabilities in software. Using technology that recognises malicious behaviour once an infection occurs on a machine – it can then stop the malicious program and rollback the damage.  It also provides clean-up tools and a root cause analysis to see how the infection occurred.

Kaspersky is a Russian multinational cybersecurity and anti-virus provider headquartered in Moscow, one of their primary products is their widely used Anti-virus solution.

What is the potential threat?

5 years ago, the UK’s National Cyber Security Centre (NCSC) advised government departments, against using Kaspersky products for systems related to national security. Yesterday Ian Levy Technical Director for NCSC wrote a blog giving advice on the use of Russian technology products and services following the invasion of Ukraine.  Ian Levy commented

We have no evidence that the Russian state intends to suborn Russian commercial products and services to cause damage to UK interests, but the absence of evidence is not evidence of absence.

Anti-virus solutions hold the key to an organisation’s cybersecurity, and it is vital they are trusted and secure solutions, so organisations should carefully consider the potential risks involved in continuing to use Russian-based solutions.

NCSC advice to organisations

For organisations using Russian – nexus products and services the NCSC is advising them to reconsider the use of such technology including:

  • wider public sector organisations that weren’t covered by its 2017 guidance
  • organisations providing services to Ukraine
  • organisations that if compromised could represent a PR ‘win’ for Russia
  • organisations providing services related to critical infrastructure

ramsac’s advice for organisations using Kaspersky Anti-Virus

The NCSC has not gone as far as to say that there is a clear and real risk. The German Government have taken a much more direct stance and warned strongly against the use of the product. In reality each business will need to take its own risk assessment and decide whether they are comfortable in continuing to use the Kaspersky product. If you would like to transition to an alternative provider, we would be happy to offer advice on how to do effectively and which are the leading products on the market.

Sophos Intercept X factsheet

Explore the “next generation” in virus protection.

Learn more about how an advanced anti-virus solution can protect your organisation.

Related Posts

  • Happy Birthday secure+: How our cybersecurity solution has detected over 8000 cybersecurity alerts in one year

    Happy Birthday secure+: How our cybersecurity solution has detected over 8000 cybersecurity alerts in one year

    Cybersecurity

    secure+ has detected and responded to over 8000 security alerts in its first year [...]

    Read article

  • MFA Fatigue: Multi-Factor Authentication (MFA) is best practice, but it’s not risk free.

    MFA Fatigue: Multi-Factor Authentication (MFA) is best practice, but it’s not risk free.

    Cybersecurity

    MFA Fatigue is a problem organisations need to be aware of, in this blog we break down why and what organisations can do to combat it. [...]

    Read article

  • Data Protection Day – Protecting your information on social media.

    Data Protection Day – Protecting your information on social media.

    Cybersecurity

    The 28th of January is Data Protection day, to mark this day we have created a blog with tips on how people can keep their personal data safe on [...]

    Read article

  • Cybersecurity – The importance of Testing & Training

    Cybersecurity – The importance of Testing & Training

    Cybersecurity

    Many organisations offer cybersecurity training to their staff, but training and testing as a combined strategy provides a much stronger defence against cybercrime. [...]

    Read article

  • Man-in-the-Middle (MITM) attack – Cyber secure series

    Man-in-the-Middle (MITM) attack – Cyber secure series

    Cybersecurity

    Man-in-the-middle attacks mean an attacker has intercepted communications between two people and has altered them in some way. Learn more today. [...]

    Read article

  • Data Protection and Innovation: The Role of the ICO Regulatory Sandbox in the UK

    Data Protection and Innovation: The Role of the ICO Regulatory Sandbox in the UK

    Cybersecurity

    In this blog, we'll explore the concept of the ICO Regulatory Sandbox and its objectives in the data protection landscape in the UK [...]

    Read article