The case against Kaspersky: a cold war on our PCs?
Last week, a piece of news shook the IT world. The US government had banned federal agencies from using security software from Russian company Kaspersky as the Department of Homeland Security was worried about potential connections between Kaspersky and the Russian secret service. In an unprecedented move, all Kaspersky software now has to be removed from all government PCs within 150 days. Looking closer, a couple a questions arise the most important of which is: is there anything left that is safe to install?
Since the 2016 US election, one topic has come up time and again on the web: Russian hackers. Though evidence is hard to find, many surmised Russia massively interfered in the 2016 election. Born out of this fear of uncertainty, Kaspersky quickly fell into the crosshairs of US intelligence agencies. A Russian security software used by over 400 million users including 27,000 business customers would be the perfect backdoor after all! This sentiment had been boiling under the surface for months and led to agents questioning Kaspersky employees and even cracking parts of the software to track down hidden features. It was an all-out effort to uncover the "Russian conspiracy" - and it was all for nothing.
The FBI has yet to come up with substantial proof to support the claims against Kaspersky. Reading between the lines, it becomes apparent that this is not about the software currently running on PCs around the world as no irregularities were found. It's not about what is or was but what might be. The mere thought that the Russian intelligence service might use Kaspersky software to sneak spy tools into US governments robs many of their sleep. All it took was the nationality of a company combined with a general mistrust of Putin's power apparatus to trigger this boycott. Following this line of thought, you may experience mild paranoia as you ask yourself how this scenario may apply to other companies, e.g. Microsoft, and the traditionally unscrupulous NSA. Is that too much of a stretch or should you avoid US software altogether because this scenario is a possibility?
To avoid misunderstandings: we don't entertain any business relations with Kaspersky. They're just another competitor to us. Yes, we could welcome this development as it may mean more antivirus license sales for us but that would be taking too narrow a view of this affair. Is it OK to publicly defame a company for no reason other than fear and suspicion? A company that secures jobs and constitutes a life's work for many? This goes against my sense of justice. What happened to innocent until proven guilty? Some of the suspicions are not without an element of comedy. For example, they criticize that Kaspersky software requires administrator privileges to work properly but fail to mention, or are unaware, that this is the case with every antivirus program. Likewise, any contact with Russian authorities is frowned upon yet, again, they blithely forget that the exchange of information between security vendors and national / international authorities is standard practice to warn and alert against threats and vulnerabilities. So what can you do? Uninstall everything until the screen stays black? You'd certainly be safer then!
Even more disturbing is the advice the US government has for private individuals. While government agencies have just 60 days for planning and 90 days for the implementation of the new regulation, home users are simply told to keep calm. After all, this only concerns companies and the feds they say. But once allegations that a company is the Kremlin's secret espionage department are made, wouldn't it make sense to also warn private consumers? Is their security worth nothing? Moreover, researchers, universities and their staff are most likely using Kaspersky programs on their private computers too. Is that irrelevant? Just a political decision after all?
What remains is the uneasy feeling that the suspicions are plenty yet the facts are few. German authorities have praised the close and constructive relations with Kaspersky and pointed out the various attacks that were successfully repelled with the company's help. This includes multiple attacks by Russian hackers against government officials. So whom can you trust? Let's hope defamation and mistrust won't undermine the combined global efforts in the fields of science, trade and security that have developed across national borders over the years. Imposing a product ban based on company nationality alone invokes unpleasant memories of the Cold War era in me. Back then, Russian software would have been a no-go and who'd want to return to those dark times?
What I would like to know: how will this affair influence your future buying decisions?