Is the KGB running your anti-virus?

August 31st, 2017

Well, probably not, but that may be largely because the KGB was disbanded in 1991. The current iteration of Russia’s State Security organization is known as the Federal Security Service of the Russian Federation, or FSB; this is the organization alleged to be utilizing ties to Kaspersky Lab for nefarious purposes.

Kaspersky Lab is the 4th most widely adopted anti-virus platform in the world, and holds the largest market share of European cyber-security manufacturers. With over 400 million users added since the company was founded in 1997, Kaspersky is a very large player in the global security space. That makes dire warnings about the company’s product line, such as those issued by the U.S. Cybersecurity Coordinator, Rob Joyce, at the end of August, extremely concerning.

“I worry that as a nation state Russia really hasn’t done the right things for this country and they have a lot of control and latitude over the information that goes to companies in Russia.” – Rob Joyce, U.S. Cybersecurity Coordinator

Following his commentary about the security of Russian companies, Joyce went on to say that he would not recommend Kaspersky Lab products to family and friends, further confirming an official stance by the U.S. government that Kaspersky products are not to be trusted.

Suspicions about Kaspersky Lab have been abundant in tech and government communities for several years now, persisting despite strong denials by Kaspersky Lab and its founder, Eugene Kaspersky. Kaspersky, acting as CEO of the company, has gone so far as to offer source code for his security products for independent review, an offer which has yet to be accepted by any government organization.

A great deal of the suspicion in this case is directed at Kaspersky himself. A member of Russia’s elite, Kaspersky was educated in a KGB-connected university, and maintains many connections to high-profile figures in Russian government and national industry. The Russian government and this community of oligarchs have repeatedly and publicly made attempts to exploit Russian companies for their own benefit, both legally and illegally. There is a growing fear that even if Kaspersky Lab is not willingly cooperating with the Russian government, it may be otherwise compromised.

Recent news reports have confirmed that, throughout the summer, the United States Federal Bureau of Investigation has been meeting with U.S. energy and technology sector companies to quietly advise them to remove all Kaspersky Lab products from their systems. Additionally, all products from Kaspersky Lab will no longer be utilized by any branch of the U.S. Federal Government. This is an extremely aggressive step which we believe the government would not have taken without careful consideration, as it has a potentially broad impact.

At this point, CIS is recommending a highly cautious approach to this situation, and advising our clients to follow the lead of the U.S. Government, and begin to remove Kaspersky Lab products from any critical systems. Additionally, we advise that any current Kaspersky Lab clients either conduct a Network Vulnerability Assessment, or, at minimum, run network security scanning tools. Our team of security experts is available to discuss your requirements at any time, and make recommendations for alternate technology from more trustworthy organizations. If you would like to coordinate a call with our team, please contact your CIS rep today.