Barclays bank has emailed its 290,000 online banking customers to say that it will no longer be offering Kaspersky Russian anti-virus because of information and news stories about possible security risks.
Rumours and concerns about Kaspersky’s possible links with the Russian state are not confined to Barclays. Moscow-based software maker Kaspersky Lab, the largest Russian software agency operating in the UK, had its security products banned from U.S. government networks earlier this year and, back in July, security researchers claimed to have found a way to force the anti-virus product to assist snoops in stealing data from segmented networks (not connected to the wider internet).
Back in 2015, it was also reported that the US National Security Agency and GCHQ had sought to carry out reverse engineering of Kaspersky anti-virus as far back as 2008 to discover any vulnerabilities. Long-running fears about Kaspersky have also been fuelled by leaks from the NSA through Edward Snowdon (2013), Hal Martin (2016), and by allegations (printed in the Wall Street Journal) that a Vietnamese NSA contractor was hacked on his home computer by Russian spies via Kaspersky.
The move by Barclays follows a warning in a letter by Director of the UK National Cyber Security Centre (NCSC), Ciaran Martin, to Whitehall chiefs that Russian software should be avoided in systems containing information concerning national security. Mr. Martin expressed fears about Russia itself as a cyber threat actor, and how Russian security software such as Kaspersky could be exploited by the Kremlin.
The Barclays customers who received the emails informing them of the bank’s decision to drop the software had downloaded Kaspersky over the past decade as part of a 12-month free trial offered by the bank on its website. The fear is that at least some of the customers who downloaded the software are / were likely to be / have been individuals employed by the UK government and, therefore, may have been targeted by Russian spies (if the allegations about Kaspersky are to be believed). Barclays customers are able to end the Kaspersky subscription after their free trial.
Actual publicised evidence of any state-sponsored wrong-doing by Kaspersky, or involvement with Russian intelligence agencies appears to be in very short supply. Some commentators have also pointed out that it may even have been the case that private company Kaspersky Lab’s product was compromised at some point without its knowledge or consent.
Kaspersky has denied any inappropriate ties to any government, and has put warnings about its products in the west down to the company being caught in the middle of a geopolitical fight, and has expressed disappointment about the recent decision by Barclays.
What Does This Mean For Your Business?
Warnings by the UK National Cyber Security Centre (NCSC) clearly need to be taken most seriously by those with links to government departments, but it is also important to factor in the context of a certain amount of paranoia and the recent focus in the media about Russia following allegations of interference in the US elections.
In the case of Barclays, it has been stressed by officials that they are not saying that members of the public or companies should stop using Kaspersky products, which are used by about 400 million people globally. It would also not be a good idea to remove Kaspersky anti-virus from a computer without immediately putting a suitable alternative in place. Anti-virus still forms an important part of a company / organisation’s basic cyber defences and this, and other software should be kept up to date with patches and updates to enable evolving threats to be combated as part of a wider strategy.