Germany flags Russia’s Kaspersky antivirus as cybersecurity issue

Russia's invasion of Ukraine could lead to a "cyber Armageddon" which would have major consequences for civilians in both countries and also globally
16 March 2022

Kaspersky: North Korean state-sponsored hackers behind the Maui ransomware attacks. (Photo by Kirill KUDRYAVTSEV / AFP)

The German cyber security agency BSI yesterday began urging consumers not to use antivirus software made by Russia’s Kaspersky, warning the firm could be implicated in hacking assaults amid Russia’s war in Ukraine.

Russia’s military and intelligence activities in Ukraine, and its threats to EU and NATO allies, particularly Germany, mean there is “a considerable risk of a successful IT attack”, the Federal Cyber Security Authority (BSI) said in a statement.

“A Russian IT manufacturer can itself carry out offensive operations, can be forced to attack target systems against its will, or be itself spied on as a victim of a cyber operation without its knowledge, or be misused as a tool for attacks against its own customers,” the agency warned.

Companies and operators of critical infrastructure are particularly vulnerable but individuals could also be hit, the BSI said, inviting anyone in doubt to contact it for advice. The United States banned government agencies from using Kaspersky antivirus software as early as 2017.

Kaspersky has always rejected accusations that it works with the Kremlin. But its business was badly hit by the US ban, which came into effect at a time when the company’s software was installed on hundreds of millions of computers worldwide.

Military and cyber specialists fear that Russia’s invasion of Ukraine could lead to an outbreak of cyberattacks — a “cyber Armageddon” which would have major consequences for civilians in both countries and also globally, through a spillover effect.  But a worst-case scenario has so far been avoided, as the attacks observed appear to be contained in their impact and geographical scope.

Germany has in recent years repeatedly accused Russia of cyber espionage attempts. Following yesterday’s BSI warning, German football Bundesliga club Eintracht Frankfurt said it has ended its partnership with Russian software company Kaspersky after they said they were warned about the reliability of the Russian maker of cyber security systems.

In a statement, the club said the decision was based on “facts not nationalities”. Eintracht contacted BSI after Russia invaded Ukraine to ask about Kaspersky and had initially suspended the partnership deal. The club reportedly donated 150,000 euros (US$165,000) of sponsorship received from Kaspersky to a Ukraine aid charity.

“The trust in Kaspersky’s products and services to provide protection has changed decisively,” said a club spokesman. “We have notified Kaspersky that we are terminating the sponsorship agreement immediately.” A fortnight ago, second division Schalke ended their partnership with energy supplier Gazprom over Russia’s invasion of Ukraine.

The most high-profile incident blamed on Russian hackers to date was a cyberattack in 2015 that paralyzed the computer network of the lower house of parliament, the Bundestag, forcing the entire institution offline for days while it was fixed. Russia denies being behind such activities.