The Federal Office for Cybersecurity must once again examine the threat potential posed by Russian antivirus software.
In the United States, the days of the Russian cybersecurity company Kaspersky are numbered. The US government, under President Joe Biden, has issued extensive sanctions and a blanket ban on antivirus software due to security concerns.
Kaspersky is a threat to national security, according to a two-year investigation. The results are not being disclosed in detail, but the long-standing warnings appear to be bearing fruit.
The worst-case scenario? Putin’s elite hackers are secretly accessing foreign networks. Antivirus software with broad access rights could be used for espionage and sabotage against infrastructure.
Switzerland is also more or less directly concerned by Putin’s hybrid war, watson inquired with the Federal Office for Cyber Security.
Does the Confederation still use Kaspersky software?
On 1 January 2024, the National Cyber Security Centre (NCSC) became the Federal Office for Cyber Security, OFCS. This competence centre, now part of the Federal Department of Defence, Civil Protection and Sport (DDPS), headed by Viola Amherd, has its work cut out for it. Indeed, this body is on the front line in the hybrid war – notably combining cyber attacks and disinformation – that Vladimir Putin is waging against Western democracies and supporters of Ukraine.
Federal Councilor Viola AmherdImage: shutterstock/keystone/watson
In 2022, the NCSC responded to a request for watson:
“Kaspersky solutions are only used in a very isolated manner in the federal administration”
Two good years later, the OFCS states:
“While in 2022, some isolated federal services still used Kaspersky software, this is no longer the case today.”
Max Klaus, Deputy Head of Media and Information
Questioned on this subject, the executive of the Swiss institution explains that there is no internal directive concerning Kaspersky software or the banning of the products concerned.
“When contracts with existing suppliers/service providers expire, it is up to the relevant federal service to decide whether the existing software should be maintained or replaced with a solution from another manufacturer.”
Why is the Confederation not issuing a warning?
The OFCS strictly adheres to its own directive, namely that it only warns against tools “for which the OFCS has confirmed technical indications that the use of a product or a service poses security risks,” explains Max Klaus.
The Federal Office for Cyber Security has not been informed of “any misuse” of Kaspersky antivirus software in Switzerland. If reliable information about misuse were to be obtained, the public would be immediately informed and warned.
The experts of the Confederation draw attention to the development of the threat linked to Russia and call for individual responsibility:
“Security policy considerations are of course part of the risk analysis that organizations must perform when acquiring and using products and services.”
In other words, every IT manager must decide for himself whether Kaspersky is trustworthy or not.
Cybersecurity is the responsibility of companies, authorities and individuals, explains spokesperson Manuela Sonderegger. The decision to use this or that product falls within their competence. Assessing cyberthreat risks is an important task.
“There is always the possibility that states will exert influence over the development of software or the manipulation of products.”
Kaspersky’s technical assessment by the OFCS is not affected by the US ban.
And elsewhere in Europe? The German equivalent of the OFCS, the Federal Office for Information Technology Security (BSI), confirmed this week that it would maintain its warning against Kaspersky antivirus products, announced from 2022 A distribution ban like in the United States is not on the agenda.
What does “Kaspersky” say?
Kaspersky has consistently denied being a national security risk or an agent of the Kremlin.
In a statement, the company’s management accused the US government of “making its decision based on the current geopolitical climate and theoretical concerns rather than on a comprehensive assessment of the integrity of Kaspersky’s products and services.”
The US ban will be legally challenged.
Russian IT entrepreneur Yevgeny Valentinovich Kasperski, known in the West as Eugene Kaspersky, is facing sanctions.Image: keystone
An explosive subject: In May this year, Kaspersky faced accusations of supporting Moscow in its war against Ukraine. Pro-Ukrainian hacktivists have referred to leaked documents that allegedly prove Kaspersky employees contributed to the development of military drones by Russian defense company Albatross.
The specialized media The Register analyse:
“The close collaboration between Albatross and Kaspersky in the development of drone software is clearly illustrated by a presentation by Albatross contained in the stolen documents. It states that Albatross drones would never have been able to take off without Kaspersky’s help.”
Kaspersky also vehemently denies this accusation. It was only an “experimental and non-commercial collaboration.” And:
“Kaspersky remains committed to full transparency about its business, products and technologies.”
Why can antivirus software be “dangerous”?
One of the most advanced German sites on the subject, heise.de, explains:
“Protection software like Kaspersky intervenes very deeply in an operating system, it has extensive rights. It would theoretically be conceivable that protection software would deliberately ignore a certain threat, which would make cyberattacks possible. Remote takeover would even be possible.”
Why doesn’t the US ban Kaspersky software today?
Kaspersky has been in the crosshairs of US intelligence services for decades due to its presence in Russia and investigations into possible cooperation with the Putin regime. In 2017, the US government Donald Trump has banned US federal agencies from using Kaspersky products. A year later, a federal appeals court upheld that decision.
When asked why the U.S. government is only now banning Kaspersky from selling its products in the United States, a Commerce Department representative responded that:It was only last year that he received the financial resources to deal intensively with such cases.
Kaspersky claims to protect more than a billion devices from cyberthreats and targeted attacks and has more than 220,000 corporate customers.
The hot news on the Russian war against Ukraine is here
(Translated and adapted by Chiara Lecca)
