Is Russian based Kaspersky Anti-virus a threat?

Is Russian based Kaspersky Anti-virus a threat?

The importance of secure Anti-virus

A good strong anti-virus is vital in protecting against modern day threats including ransomware (such as the high profile CryptoLocker and Wannacry viruses) and also to prevent the exploitation of vulnerabilities in software. Using technology that recognises malicious behaviour once an infection occurs on a machine – it can then stop the malicious program and rollback the damage.  It also provides clean-up tools and a root cause analysis to see how the infection occurred.

Kaspersky is a Russian multinational cybersecurity and anti-virus provider headquartered in Moscow, one of their primary products is their widely used Anti-virus solution.

What is the potential threat?

5 years ago, the UK’s National Cyber Security Centre (NCSC) advised government departments, against using Kaspersky products for systems related to national security. Yesterday Ian Levy Technical Director for NCSC wrote a blog giving advice on the use of Russian technology products and services following the invasion of Ukraine.  Ian Levy commented

We have no evidence that the Russian state intends to suborn Russian commercial products and services to cause damage to UK interests, but the absence of evidence is not evidence of absence.

Anti-virus solutions hold the key to an organisation’s cybersecurity, and it is vital they are trusted and secure solutions, so organisations should carefully consider the potential risks involved in continuing to use Russian-based solutions.

NCSC advice to organisations

For organisations using Russian – nexus products and services the NCSC is advising them to reconsider the use of such technology including:

  • wider public sector organisations that weren’t covered by its 2017 guidance
  • organisations providing services to Ukraine
  • organisations that if compromised could represent a PR ‘win’ for Russia
  • organisations providing services related to critical infrastructure

ramsac’s advice for organisations using Kaspersky Anti-Virus

The NCSC has not gone as far as to say that there is a clear and real risk. The German Government have taken a much more direct stance and warned strongly against the use of the product. In reality each business will need to take its own risk assessment and decide whether they are comfortable in continuing to use the Kaspersky product. If you would like to transition to an alternative provider, we would be happy to offer advice on how to do effectively and which are the leading products on the market.

Sophos Intercept X factsheet

Explore the “next generation” in virus protection.

Learn more about how an advanced anti-virus solution can protect your organisation.

Related Posts

  • Understanding the dangers of ‘Permission Creep’

    Understanding the dangers of ‘Permission Creep’

    Cybersecurity

    This blog post explains what permission creep is, how it can expose sensitive data to unauthorised users, and what steps an organisation can take to prevent permission creep. [...]

    Read article

  • Using cybersecurity training to reduce an organisation’s risk of a cyberattack.

    Using cybersecurity training to reduce an organisation’s risk of a cyberattack.

    Cybersecurity

    Cybersecurity training is an important tool for organisations to prevent and mitigate cyberattacks, we explore the types of training available to organisations. [...]

    Read article

  • The risks of ChatGPT, and the Rise of AI.

    The risks of ChatGPT, and the Rise of AI.

    Cybersecurity

    Artificial intelligence (AI) is a game-changing technology in this blog we explore the risks and benefits of using AI-powered language models such as ChatGPT [...]

    Read article

  • How secure is MFA based on SMS and Voice calls?

    How secure is MFA based on SMS and Voice calls?

    Cybersecurity

    In this blog ramsac's cybersecurity expert Voke Augoye explores how secure Multi-factor authentication is when using SMS and voice calls. [...]

    Read article

  • Microsoft Office – High Severity Vulnerability

    Microsoft Office – High Severity Vulnerability

    Cybersecurity

    Earlier this month Microsoft announced there was a High Severity vulnerability affecting Microsoft Office products. In this blog we explain what the vulnerability is and how to protect against it. [...]

    Read article

  • EDR, MDR, XDR, SIEM, SOC – understanding the jargon in cybersecurity monitoring

    EDR, MDR, XDR, SIEM, SOC – understanding the jargon in cybersecurity monitoring

    Cybersecurity

    The cybersecurity product market is full of acronyms which can make it hard to determine what security monitoring services you need, and what benefits you get from them, this [...]

    Read article