Kaspersky, the world’s reigning champion when it comes to combating viruses, malware, and other internet vulnerabilities has suffered a massive blow in the UK. Kaspersky is best known for detecting and averting threats that other antiviruses can’t see. But recently. It has been popularly known for collecting information for the Russian government. Although the Moscow-based antivirus has said several times that it doesn’t spy for the Russian government, it seems the west has had enough of it.
In the UK, the Head of the National Cyber Security Centre (NCSC) Ciaran Martin told the government that the antivirus could be used by the Russian government to target UK’s critical national infrastructure such as the energy sector and the government as a whole. Heading this warning, all government departments were ordered not to use Kaspersky antivirus all rather any antivirus made by firms located in Russia or linked to Russia. This move is to protect the national security and state secrets. In September, we also saw the same scenario in the US; the Department of Homeland Security announced that all government agencies must get rid of any Kaspersky antivirus software from within their system in a period of 90 days.
Barclays, one of the largest banking institution used to offer free Kaspersky antivirus to all of its customers as a way to protect their online and baking activities. This is through an agreement which began in 2008. In fact, it was the first bank in the UK to offer a free complete internet security package to its customers. But due to the warning, Barclays is no longer providing Kaspersky to its users. “We have made the precautionary decision to no longer offer Kaspersky software to new users,” said Barclays in an email it sent to its customers. “Barclays treats the security of our customers very seriously. Even though this new guidance isn’t directed at members of the public, we have taken the decision to withdraw the offer of Kaspersky software from our customer website,” the Barclays spokesman further added. Barclays termed this move as a precautionary measure but again added that those who already have the antivirus have no action to take since there’s nothing that suggests they need to stop using it. In response to this move, Kaspersky responded, “We are disappointed Barclays has decided to discontinue offering Kaspersky Lab antivirus to new customers.”
Martin warned that Russia is capable of targeting Britain’s critical infrastructure by using cyberspace for espionage, influence, and disruption of operations. He described Russia as a highly capable cyber threat actor. He also warned of apparent risks that come with foreign ownership of companies that produce antimalware and antivirus software for Whitehall departments. Apparently, there are underway discussions between the NCSC and Kaspersky lab to develop measures that will prevent the transfer of data from the UK to Russia.
In the past, Russia has been accused a number of times concerning its interference in the west. In 2016, it was accused of using hackers to meddling with the US election and also spread fake news. Previously, Martin had warned that Russian hackers have been after the UK telecom, media, and energy sectors in the past year. Last month, UK’s Prime Minister Theresa may accused the Russian President Vladimir Putin of planting fake news. in a keynote speech, the prime minister told President Putin that the international community is aware of Russia’s efforts to spread fake news intended to bring discord in the west. In the meantime, as accusations continue to flow, MPs want to know whether Russia will interfere with the UK elections and the Brexit referendum.
In his latest letter, Mr. Martin said that companies and most individuals in the UK are not under threat of state-based cyber-attacks but rather constantly under threat from cybercriminal gangs. “In drawing this guidance to attention today, we aim to enable departments to make informed, risk-based decisions on (their) choice of antivirus provider. To that end, we advise that where it is assessed that access to the information by the Russian state would be a risk to national security, a Russia-based AV company should not be chosen.” he continued.
In conclusion, the NCSC warned government departs from using Kaspersky and not encouraging consumers or other business to get rid of it. But if you are a business and you want to get rid of it, here are some rules that you should follow to tighten up your security;
- Train and educate your staff on why cybersecurity matters not only in the organization but also in their individual lives. You can also perform real-world simulations to assess how employees respond to a cybersecurity threat. Also, don’t make security in your organization too cumbersome, employees might look for workarounds, and that’s not good.
- Always ensure you have the right resources, and most importantly the right people. Get a skilled IT expert who has specialized in cybersecurity, not just any random IT guy; a programmer can’t develop a security strategy and plan for your organization. You need someone who understands what they are doing regarding cybersecurity.
On individual level or even at the organizational level, always implement an excellent, reputable VPN.