Kaspersky is Offering a Free Version of its Antivirus. Here’s Why You Shouldn’t Use it.
There’s no denying that Kaspersky Lab has an illustrious history in the cybersecurity industry. Founded in 1997 by KGB-school graduate Eugune Kaspersky, the cybersecurity provider has created some of the most widely used paid and free antivirus products in the world, and the Lab’s Global Research and Analysis Team has had a hand in counter-acting or discovering some of the most sophisticated worms and malware ever created, including Stuxnext, Flame, and Red October.
Recently, however, Kaspersky Lab and Eugune Kaspersky himself have come under scrutiny by U.S. intelligence. Allegations that Kaspersky maintains close ties with the FSB (the KGB’s successor) have emerged, leading to Kaspersky products being banned on U.S. government-owned computer equipment, and U.S. officials warning citizens against their use.
In late July 2017, the U.S. House of Representatives Committee asked 22 government agencies to share documents on Kaspersky Lab, saying “The committee is concerned that Kaspersky Lab is susceptible to manipulation by the Russian government, and that its products could be used as a tool for espionage, sabotage, or other nefarious activities against the United States.”
Kaspersky also announced in late July that it would be launching a free version of its antivirus in the U.S., with plans to launch it globally over the next four months. This has led to a debate over whether or not U.S. citizens and companies should use Kaspersky’s antivirus and other security software.
Is Kaspersky Safe to Use?
The main issue users should have with Kaspersky is not its rumored cooperation with Russian intelligence. As many commentators have pointed out, this relationship is not much different than the relationships certain U.S.-based cybersecurity companies have had with U.S. intelligence. Cooperation between Symantec and the FBI, for example, has been well documented.
The issue arises when one considers that Kaspersky is based in a country with a government that may not respect U.S. cyber laws. Add that to the fact that the Russian government operates with a low level of transparency, little respect for the rule of law, and a lower level of stability than the U.S. or most of its allies, and you have all the more reason to be wary of using antivirus products from a Russian company.
In a worst-case-scenario, these factors could result in the Russian government forcing Kaspersky Lab to use its software for malicious purposes—gathering data on Kaspersky users, spying, or even pushing out malicious updates
While this may seem far-fetched, it is not without precedent. The Petya malware that shut down Ukrainian infrastructure in June 2017 initially spread through a malicious update to the software MeDoc. The Russian government is widely believed to have been behind this update. It is not outside the realm of possibility that the Russian government could push out a similar malicious update for Kaspersky software.
This is why U.S.-based users—and any users who don’t want to risk the possibility of having their data fall into the hands of Russian intelligence—should not use Kaspersky. The perfect storm of Kaspersky’s ubiquity, the Russian government’s lack of transparency and disregard for the rule of law, and the rising tensions between Russia and the United States, make using the software too much of a risk.