GCHQ’s National Cyber Security Centre (NCSC) has warned government departments not to use antivirus products with links to Russia for systems related to national security and those which are “critically important”.
“The NCSC advises that Russia is a highly capable cyber threat actor which uses cyber as a tool of statecraft,” said NCSC chief executive Ciaran Martin in a statement.”This includes espionage, disruption and influence operations.”
As a result Russian antivirus providers should be avoided by departments handling sensitive information, Martin said.
“Where it is assessed that access to the information by the Russian state would be a risk to national security, a Russia-based AV company should not be chosen,” he stated.
He said advice was being sent to Whitehall chiefs advising them against using Russian antivirus tools, but added that “the overwhelming majority of UK individuals and organisations are not being actively targeted by the Russian state” and are more likely to be targeted by online criminals.
Following publicity around the the NCSC advice, however, Barclays on Saturday cancelled a programme that had provided new customers with a one-year free trial of Kaspersky’s antivirus tools.
Martin said the advice was issued in response to recent media coverage of “the issue of foreign ownership of antivirus suppliers”, an apparent reference to high-profile US accusations that Moscow-based Kaspersky Lab was involved in espionage.
In the new guidance, NCSC technical director Ian Levy said government systems were at an “increased risk” of hacking.
“Given we assess the Russians do cyber-attacks against the UK for reasons of state, we believe some UK government and critical national systems are at increased risk,” Levy wrote.
The NCSC said it is working with Kaspersky Lab to mitigate potential risks and to see if a way to independently verify the security of its software can be developed.
Kaspersky has faced a string of espionage allegations by US government sources this year, following accusations that the Russian government interfered in last year’s US presidential elections, as well as trying to influence UK elections and the Brexit referendum.
Does IoT security concern you?
While acknowledging its antivirus programs require data to be sent back to servers in Russia, the company has repeatedly denied involvement in any wrongdoing or that customers’ data could be used by the Russian state.
Last week Kaspersky Lab founder Eugene Kaspersky told the BBC that if he was ever asked to provide data to the Russian government he would move his company out of the country.
Kaspersky said it was “disappointed” in Barclays’ decision to drop the free offer.
“It’s very important to note that the NCSC is not encouraging consumers or businesses against using Kaspersky Lab software,” the company stated.
Kaspersky has said it works with the NHS and some other government departments. Most of the firm’s installed base of about 400 million is made up of consumers and busineses, rather than public-sector bodies.
Last month Kaspersky responded to the most recent spying allegations by reiterating an offer to provide any information required by investigators.
“As a completely transparent company, Kaspersky Lab is ready to provide additional details of the investigation in a responsible manner to relevant parties from government organisations and clients concerned about recent media reports,” the company said at the time.
Barclays said it takes customers’ security “very seriously” and that the move was a “precautionary decision”.
In an email sent to about 290,000 online banking customers who had downloaded Kaspersky software over the past ten years, the bank said there was “nothing to suggest” people with the software installed should stop using it.
How well do you know the cloud? Try our quiz!