Kaspersky Labs Antivirus.. Should you stop using it?

Table Of Contents

Add a header to begin generating the table of contents

​Transcript of Video…

Background; The Department of Homeland Security (DHS) issued a directive, first reported  by the Washington Post, calling on departments and agencies to identify  any use of Kaspersky antivirus software and develop plans to remove  them and replace them with alternatives within the next three months.

The department is concerned about the ties between certain Kaspersky officials and Russian intelligence and other government agencies, and requirements under Russian law that allow Russian intelligence agencies to request or compel assistance from Kaspersky and to intercept communications transiting Russian networks,” the DHS said in a statement.

On my “The Complete Cyber Security Course” I discuss some of the great security features in Kaspersky antivirus and go as far as saying it’s a good product. But I also warn that you need to be aware of the Russian connection and what that could possibly mean. Nothing really has changed for me based on the DHS statement. All antivirus is a target for potential backdooring, and one such as Kaspersky connected to Russia has a higher potential risk from the Russian government of being diddled with, as I state on the course!

Should you use Kapsersky antivirus? You have to think about your threat model. Your decision should be based on your threat model.  What are your adversaries and threats? If you are the US government for example, should you have ever been using Kaspersky in the first place? No! The Russian connection means there is an added risk of Russian government coercion of Kasperky. It would be better to go with a US product if your the US government.

But what about regular home users, should they still use Kaspersky antivirus? Yes if your not concerned about the Russians. No if you are. Consider the context of your threat model.

Another question to consider is; Can we fully trust any of the antivirus companies? No not fully. We should be using the zero trust model and distribute trust and risk whenever possible. Antivirus is bundled with security vulnerabilities plus its to be expected that governments and others threat agents will be working to backdoor antivirus even if we don’t have specific proof, it makes sense for antivirus to be a target.

The Russian government will be trying to use all software and hardware opportunities it can to backdoor everything to improve their cyber position. This is the reality of the new cyber cold war we live in.

US products are not safe either and don’t think that this is something only Russia would try. Most governments want to backdoor popular software to leverage their cyber position.

Currently, there is no way to independently confirm if the DHS claims are accurate—and the story does not even prove the involvement of Kaspersky.

As a private company, Kaspersky Lab does not have inappropriate ties to any government, including Russia, and the only conclusion seems to be that Kaspersky Lab is caught in the middle of a geopolitical fight,” Kaspersky said in a statement.

Personally I think for anyone who really cares about security, privacy and or anonymity. Backdoors are a serious problem. Any tools you use can be diddled with! Through legal paths which is extremely worrying or through hacking we will see the introduction of backdoors and weakening. Everything will be a target –  antivirus, Operating Systems, encryption, security services, applications and even the hardware and firmware. Any ​AV service you can think of will be under attack from hackers, corporations and nation-states to back door them right now.

CATEGORIES
  • larry says:

    I have been using Kaspersky for a year and it work`s great.

  • James Glenton says:

    Good call Nathan, we all need to be taking any decisions based on our threat model. You are right to point our, that any AV might have a back-door that we are unaware of. Just look at all the data that Microsoft wants to transfer back for it’s “big data” mine. Who is to say that the NSA do not have access to this.

    As you say often enough – Trust No-One. The CCleaner incident shows how vulnerable we are if we are complacent.

  • Keith Clay says:

    I am going to sound incredibly cynical/paranoid here but I think the hyperventilating on Kaspersky is two fold: 1) the focus on Kaspersky is just an attempt to deflect from what the U.S. and other gov’ts are undoubtedly doing as well–Kaspersky is an easy target with all of the inquiries into the Russians that are happening in the U.S. 2) any backdoor in Kaspersky is being exploited by the Russian gov’t which means the U.S./UK gov’ts are likely not getting that information. If we change our anti-virus from Kaspersky then we will likely pick a company that our gov’ts have a backdoor into and can now capture that info.

  • Luca says:

    Precise and balanced as usual! Thanks

  • Michael says:

    Thank you, Sir!

  • Logan C says:

    I remember the Post article, and thinking “What are they really up to?” They have known about a possibility of Russian Compromise for a long time, (not that I think Kaspersky would risk that – for it it ever was announced or proven to occur the Company would be done. I kind of wonder if it is more of a situation that they themselves (US Gov) cannot comprise or gain access to Kaspersky’s data that they are doing what they can to damage them. Funny after the past couple of years that the US officials have been doing their darnedest to circumvent American AV/Encryption that they would point their fingers at the Russians. Much like this whole Russian US election thing- many people forget that had the US not interfered with Russian Elections in 1996 Boris Yeltsin never would have been able to win it. “Tit for tat”?

  • David Sev says:

    Hmm… What about open source ClamAv ? Should we trust in open source anti-virus ? If so, how much ?

  • Ubolt says:

    If i was in the USA as a citizen or private company, i would be more concerned about the US gov spying on me than Russia.

  • Aiden says:

    hi, nice post, what about using Windows Defender AV? i use that one, but now im worried that it too has backdoors

  • Chris Daniels says:

    I was reassured that Trump piled on and denounced Kaspersky. I expect if they were truly compromised by Russian intelligence, Trump would be singing their praises, defending them to the hilt. And up until recently they have long had an outstanding reputation.

  • >