The NCSC has warned that using Russian software could put the UK government at risk of being hacked by foreign attackers.
The UK’s cyber security agency has issued a warning to government departments on the potential risks of using Russian antivirus or security software because of fears the Kremlin could use it to conduct espionage.
The advice from the National Cyber Security Centre comes as Russian cyber security firm Kaspersky Lab is facing accusations that its software helped with the theft of NSA hacking tools on behalf of the Russian government.
Kaspersky Lab has denied any wrongdoing and CEO Eugene Kaspersky says he’d remove his company from Moscow if the Kremlin asked them to carry out spying.
The National Cyber Security Centre (NCSC) has warned that Russian cyber attacks are a threat to the UK and that the Russian government could potentially compromise Russian software deployed within an organisation for its own ends.
“The NCSC advises that Russia is a highly capable cyber threat actor which uses cyber as a tool of statecraft,” NCSC CEO Ciaran Martin wrote in a letter to senior civil servants.
“To that end, we advise that where it is assessed that access to the information by the Russian state would be a risk to national security, a Russia-based AV company should not be chosen,” he added.
He said that in practical terms, this means that for systems processing information classified ‘secret’ and above, a Russia-based provider “should never be used”.
“This will also apply to some official tier systems as well, for a small number of departments which deal extensively with national security and related matters of foreign policy, international negotiations, defence and other sensitive information,” he said.
The letter mentions that Kaspersky Lab is the largest Russian cyber security firm in the UK and that the NCSC is examining whether it can develop an independent framework which can be used to provide the government assurance about the security of Kaspersky Lab products and “verifiable measures to prevent the transfer of UK data to the Russian state”.
Tweeting in response to the advice, Eugene Kaspersky said: “Let me stress: there is no ban for KL products in the UK. We are in touch with NCSC regarding our Transparency Initiative and I am sure we will find the way to work together.”
In a related blog post, Ian Levy, Technical Director at the NCSC, said that many government departments already handle risks well and that there’s “almost no installed base of Kaspersky AV in central government”.
But despite warnings against the use of Russian software in government, Levy said there’s “no compelling case at present to extend that advice to wider public sector, more general enterprises, or individuals”.
He said: “we really don’t want people doing things like ripping out Kaspersky software at large, as it makes little sense”.
Meanwhile, Barclays Bank has taken the decision to stop providing free Kaspersky Lab antivirus products to new customers as a precaution following the NCSC advice.
“The UK Government has been advised by the National Cyber Security Centre to remove any Russian products from all highly sensitive systems classified as secret or above,” the bank said in an email to customers.
“We’ve made the precautionary decision to no longer offer Kaspersky software to new users, however there’s nothing to suggest customers need to stop using Kaspersky,” Barclays added.
A Kaspersky Lab spokesperson told ZDNet that the company is “disappointed Barclays has decided to discontinue offering Kaspersky Lab anti-virus to new customers.”
“It’s very important to note that the NCSC is not encouraging consumers or businesses against using Kaspersky Lab software,” they added.