UK government turns against Russian software
There have been concerns about Russian security firm Kaspersky in the US for some time, and now these fears have spread across the Atlantic to the UK. The director of the UK National Cyber Security Centre (NCSC) has issued a warning that no Russian-made security software should be used on systems that could represent a national security threat if accessed by the Russian government.
Ciaran Martin's warning comes after the US government banned the use of Kaspersky software on its computer systems, but the UK security director says that talks are underway with Kaspersky Lab with a view to setting up a review process for its software.
In a letter to senior civil servants, Martin said that there are "obvious risks around foreign ownership" of security software, describing Russia as a "highly capable cyber threat actor" with a history of using cyberspace for "espionage, disruption and influence operations."
The head of the NCSC wrote:
Russia has the intent to target UK central government and the UK's critical national infrastructure. However, the overwhelming majority of UK individuals and organisations are not being actively targeted by the Russian state, and are far more likely to be targeted by cyber criminals.
In drawing this guidance to (department heads') attention today, it is our aim to enable departments to make informed, risk-based decisions on (their) choice of AV provider.To that end, we advise that where it is assessed that access to the information by the Russian state would be a risk to national security, a Russia-based AV company should not be chosen.
Despite accusations of links to the Russian government, Kaspersky strongly denies any such ties.