Transcript of Video...
Background; The Department of Homeland Security (DHS) issued a directive, first reported by the Washington Post, calling on departments and agencies to identify any use of Kaspersky antivirus software and develop plans to remove them and replace them with alternatives within the next three months.
“The department is concerned about the ties between certain Kaspersky officials and Russian intelligence and other government agencies, and requirements under Russian law that allow Russian intelligence agencies to request or compel assistance from Kaspersky and to intercept communications transiting Russian networks,” the DHS said in a statement.
On my "The Complete Cyber Security Course" I discuss some of the great security features in Kaspersky antivirus and go as far as saying it's a good product. But I also warn that you need to be aware of the Russian connection and what that could possibly mean. Nothing really has changed for me based on the DHS statement. All antivirus is a target for potential backdooring, and one such as Kaspersky connected to Russia has a higher potential risk from the Russian government of being diddled with, as I state on the course!
Should you use Kapsersky antivirus? You have to think about your threat model. Your decision should be based on your threat model. What are your adversaries and threats? If you are the US government for example, should you have ever been using Kaspersky in the first place? No! The Russian connection means there is an added risk of Russian government coercion of Kasperky. It would be better to go with a US product if your the US government.
But what about regular home users, should they still use Kaspersky antivirus? Yes if your not concerned about the Russians. No if you are. Consider the context of your threat model.
Another question to consider is; Can we fully trust any of the antivirus companies? No not fully. We should be using the zero trust model and distribute trust and risk whenever possible. Antivirus is bundled with security vulnerabilities plus its to be expected that governments and others threat agents will be working to backdoor antivirus even if we don't have specific proof, it makes sense for antivirus to be a target.
The Russian government will be trying to use all software and hardware opportunities it can to backdoor everything to improve their cyber position. This is the reality of the new cyber cold war we live in.
US products are not safe either and don't think that this is something only Russia would try. Most governments want to backdoor popular software to leverage their cyber position.
Currently, there is no way to independently confirm if the DHS claims are accurate—and the story does not even prove the involvement of Kaspersky.
"As a private company, Kaspersky Lab does not have inappropriate ties to any government, including Russia, and the only conclusion seems to be that Kaspersky Lab is caught in the middle of a geopolitical fight," Kaspersky said in a statement.