Should You Keep Using Kaspersky Antivirus?

Moscow based cyber security company Kaspersky Labs have been under fire recently for alleged collaboration with the Russian Government, in fact the issue has been raised and roumoured so many times that it's become increasingly difficult to ignore the subject.

Kaspersky offers both free and premium versions of its antivirus software to businesses and home users and is estimated to be used by 400 million people globally.

Most recently, the UK's cyber security authority has advised government agencies against using security products from Russia-based companies in the interest of national security. In a letter to government officials, Ciaran Martin, CEO of the National Cyber Security Center, raises serious concerns about the nature of antivirus products, the unlimited nature of their access to systems they are installed on, as well as the necessity for them to "phone home" to receive updates and potentially pass back system information.

While Martin doesn't call out Kaspersky directly as being the focal point of concern, the letter does note that they are "... in discussions with Kaspersky Lab, by far the largest Russian player in the UK" noting they are working with Kaspersky in "... seeking verifiable measures to prevent the transfer of UK data to the Russian state.".

In response, Barclays Bank have ceased offering Kaspersky antivirus for free to its customer base, despite dodging this same decision less than a month ago, citing lack of any evidence that Barclays customers' data had been compromised. The most recent move has been marked as a precaution only, and the Barclays site has been stripped of all downloads and references to the previous Kaspersky offer.

The trouble is that nobody has come forward with any verifiable proof that Kaspersky's software is doing anything other than advertised - checking systems for viruses and malware, and only phoning home to receive legitimate definition and application updates.

So, should you continue to use Kaspersky products? Right now, with no definable proof, there's no reason to say that yes, you should. However any business dealing with the UK government, defense or military contracts may want to consider alternative providers in order to fall in line with the new government recommendations.

If your business needs security advice or consultation, get in touch with Binary Blue.