Germany warns against using Russian anti-virus software Kaspersky

Company rejects suggestion its systems could be exploited by Moscow's intelligence services

Kaspersky said it had no links to the Russian government and had moved data processing infrastructure to Switzerland. Reuters

Live updates: follow the latest news on Russia-Ukraine

German cybersecurity chiefs are advising people not to use Russian anti-virus software Kaspersky over fears it could be exploited by hackers acting on Moscow’s behalf during the war in Ukraine.

The warning by Germany’s Office for Information Security angered the Russian company, which said it had no links to the Kremlin and saw the German ruling as politically motivated.

It came amid growing worries over the cybersecurity dimension of the war, with Poland describing the issue as one of its top concerns and Italy urging people to consider replacing Russian software.

Russia has long been suspected of carrying out cyber attacks in the West and in Ukraine, for example by allegedly shutting down government websites and spreading disinformation around elections.

The German agency said in an advisory note that the behaviour of Russia’s military and intelligence services and Moscow’s threatening statements towards the West meant there was a “considerable risk” of further hacking.

It said a Russian IT company such as Kaspersky could either be persuaded to act on the Kremlin’s behalf or be infiltrated against its will and have its systems co-opted by Russian cyber attackers.

As a result, customers could have their data stolen or deleted and operators of critical infrastructure would be in particular danger if a cyber attack causes disruption, the agency said.

“Anyone who wants to play it safe should use different anti-virus software for the moment”, it said.

The official advice did not amount to a ban on using Kaspersky, meaning Germany stopped short of the move by the US in 2017 to prohibit government agencies from using the software.

Kaspersky said in a statement it would seek clarification from the German agency in Bonn on what it described as recommendation “not based on a technical assessment of Kaspersky products … but on political grounds”.

It sought to distance itself from the Russian government by saying it had no ties to the Kremlin, had moved its data processing infrastructure to Switzerland in 2018 and believed that “war isn’t good for anyone”.

“We believe that peaceful dialogue is the only possible instrument for resolving conflicts,” it said, without directly referring to the war in Ukraine.

A separate warning from Italy’s cybersecurity agency did not specify any Russian companies but said the reliability and effectiveness of Russian-made products could be compromised by the war.

Updated: March 16, 2022, 3:01 PM