Whether Kaspersky’s products and organization are involved in spying for the Russians is unproved to date. However, its status as a Russian business in itself warrants that the US Government not use it in its organizations, especially given the latest Russian efforts to undermine US politics. In news agency investigations into the US Government taking Kaspersky off its vendor list, it was concluded that Kaspersky’s discovery of Top Secret documents on a staffer’s personal computer was a result of Kaspersky’s virus data collection. Kaspersky’s explanation was that, via its Kaspersky Security Network (KSN), it had inherently collected file archives containing a virus. In turn, during its in-house scans of files uploaded via the KSN, it had identified Top Secret documents, because its scan algorithms look for that term as part of other virus threats it scans for. In turn, via a series of government and private security organizations, this information was brought to the attention of the US Government. When you take the details out of the equation, it is easy to generalize that Kaspersky is involved in espionage and, as a Russian-owned organization, must be spying for the Russians.
However, some say that actions speak louder than words in favor of Kaspersky being a state-independent business. Kaspersky is an active participant in advanced security efforts to protect against cyber criminals and collaborates with many government and security organizations. Kaspersky labs and security specialists have routinely been at the forefront of finding virus attacks, many of which were initiated by government cyber attack organizations. Although Kaspersky itself has a policy of not naming the governments involved, several of these Kaspersky-reported attacks have been linked back to US and Russian Government organizations. So this begs the question: if Kaspersky is indirectly serving the Russian government, why would it reveal cyber attack information incriminating the Russian Government?
There is one final detail to consider when deeming Kaspersky safe for use in the United States. Russian law grants its government the right to access communications from any Russian-based business. Accordingly, Russian law, Russia’s proven aggression towards the United States, and in turn its potential access to Kaspersky are enough to warrant that the US Government keep Kaspersky software off its computer systems.
So what does this mean to non-government organizations? Well, Kaspersky software is by all accounts one of the best and most effective virus protection products on the market. And aside from the US government, other countries have not jumped on the bandwagon to ban the use of Kaspersky. Within the United States, the general consensus of security specialists is that Kaspersky can be used by everyday business organizations, as long as they are not involved in government or other industries designated as critical to our cyber security.
So what does that mean for my SMB clients? Until I find a better alternative, Kaspersky is still the best performing virus protection on the market, from various perspectives, in my opinion. So I do recommend it and implement it. However, whether it be Kaspersky or any other virus protection software, or for that matter Microsoft, Google, Facebook, and the list goes on, they all participated in collecting our data via telemetry collection services in their software. Virus software in general can inherently collect “files” directly or indirectly involved in a virus detection, which it will then upload to its labs for further analysis and, in theory, use what it learns to better its software.
With all of the above in mind, the one configuration I do change in Kaspersky installations is to disable its Kaspersky Security Network (KSN). Instructions can be found here (link).
This article represents a layman’s summary, personal interpretation, and opinion for the benefit of my clients. For security expert resources to help guide your decisions, information can be found on the internet: