[German]Interesting report from the Wall Street Journal regarding the Russian antivirus provider Kaspersky. The proposal from the White House to sanction Russian security vendor Kaspersky over the invasion of Ukraine is dividing the Biden administration. Some members of the staff fear that sanctioning Kaspersky Lab could increase the risk of a Russian cyber attack. The background is that Kaspersky products are still widely used.
It has been an ongoing discussion for years whether the anti-virus products of the Russian company Kaspersky can be used in companies and authorities without hesitation. On the one hand, Kaspersky has relocated parts of its company to Switzerland and even offers insight into the code of its products. On the other hand, the provider works for the Russian state and, as a Russian company, may be subject to the directives of the Russian secret service.
In view of the Russian invasion of Ukraine and the ongoing hostilities, sanctions against Russian companies are on the agenda. In addition, the question of whether one can trust a company with this business background for reasons of IT security is more virulent than ever. My current state of knowledge was that since the end of 2017, an order in the USA has banned the use of Kaspersky products in US authorities. And in the Netherlands, too, there has been a government order since 2018 to ban Kaspersky products from government systems (see Can Kaspersky still be used as security solution?).
Then, in mid-March 2022, German Federal Office for Information Security (BSI) issued a warning against the use of antivirus software from the Russian manufacturer Kaspersky. The BSI recommended replacing applications from the Kaspersky virus protection software portfolio with alternative products. I had addressed this in the blog post German Cyber Guard BSI warns now against the use of Kaspersky antivirus products. The bottom line is that this is a political decision, but one that has been justified.
US administration divided over sanctions
With this in mind, I found this report from the US media "The Wallstreet Journal" (WSJ) very interesting. According to the report, the Biden administration staff is divided over whether or not to impose sanctions on Kaspersky Lab. There is the faction that fears that Kaspersky's products could be used by the Kremlin as a surveillance tool against users.
Therefore, the White House National Security Council (according to WSJ sources) has urged the US Treasury Department to prepare sanctions against Kaspersky – as part of the Western campaign over the invasion of Ukraine. While Treasury staff were still working on sanctions, sanctions experts within the department were already expressing concerns about the scope and scale of such a measure.
The background: The company's software is used by hundreds of millions of customers all over the world. On the one hand, this makes it more difficult to enforce sanctions against Kaspersky. On the other hand, some officials in the US and Europe fear that sanctioning Kaspersky Lab would increase the likelihood of a cyberattack by Moscow on the West. This could possibly even involve the use of Kaspersky software itself.
It is currently unclear whether the sanctions lists will be pushed further with action towards Kaspersky. A source tells the WSJ that the idea of sanctioning Kaspersky has been put on hold for now. There have been repeated denials from Kaspersky Lab that it is working with Russia or any other government to support cyber espionage or other malicious cyber activity.
All in all, it is a situation that shows how difficult the decisions and sanctions measures have become. The use of Kaspersky products has been banned in the US in government agencies and departments for security reasons. However, they also do not want to put Kaspersky on a sanctions list as a Russian company with which they are not allowed to do business.
Can Kaspersky still be used as security solution?
German Cyber Guard BSI warns now against the use of Kaspersky antivirus products
Kaspersky remover may triggers VSS error 0x81000203
Kaspersky on US FCC list & banned from HackerOne's bug bounty
Cookies helps to fund this blog: Cookie settings