With security agencies warning against using antiviruses with links to Russia, just how trustworthy is your antivirus software?
There is an ancient curse – may you live in interesting times, and times are certainly interesting. We’re having to ask ourselves all sorts of questions we never imagined, but possibly the most bizarre is: “are the Russians spying on us through our antivirus software?”
Over the past couple of years, it has become increasingly clear to security experts that Russia is attempting to open up a new form of warfare, by launching all-out cyber attacks on the West.
The National Cyber Security Centre, has claimed that Russia is attempting to undermine the entire international system with attacks against the media, energy and communications sectors. The US is investigating their involvement in the election, and social media accounts linked to Moscow have been caught trying to affect the course of political debate in Europe. Their aim is to destabilise their international rivals and it appears to be working.
Now there’s another threat – our own antivirus software. The National Cyber Security Centre issued a stark warning to all government agencies – to avoid antivirus software which has links to Russia. Their move follows similar measures in the US where federal agencies have dropped the Russian owned Kaspersky Labs which has been battling suggestions of links to Russian security agencies. The Washington Post reported that an NSA employee had viewed documents on his home computer. His Kaspersky software, it said, had identified the Government software and alerted the Russians who started to target that employee’s own computer, and managed to read the information.
The hack was actually identified by Israeli security services which had broken into Kaspersky’s system only to find the Russians were already there. It proves that foreign governments are routinely using cyber-crime against other governments – even apparent allies.
Kaspersky, of course, refutes the allegations. In a statement, it said it did not have “unethical ties or affiliations with any Government, including Russia” and “has never helped, nor will help, any government in the world with its cyberespionage or offensive cyber efforts.”
These allegations are serious, but it’s not entirely clear whether Kaspersky’s software was simply doing its job and aggressively identifying malware, or if the company actively tipped off the Russians. Whatever the truth, in the current environment, suspicion is inevitable. In order to work effectively, an antivirus software needs to be highly intrusive into the workings of a system. It has immense levels of access, so any antivirus company must be trustworthy.
So how can we know who to trust?
For the moment the advice is only being directed toward Government agencies and those which contain highly sensitive information, but it does raise questions for all consumers.
True, we might not have access to top-secret data, but personal computers contain vast quantities of information, much of which could be valuable to all sorts of malicious entities. It might be a malignant foreign government seeking out information about the general population or it could be cyber-criminals looking to gain access to your computer. Either way, antiviruses are not entirely fool-proof. Hackers are targeting them as a way of getting into your computer. True, they shouldn’t represent particularly easy targets, but the rewards are worthwhile.
One lesson is to look at the system – find out about its background, get reviews and look for instances of suspicious activity. Those which are well-known with a proven background will inevitably feel more trustworthy than others.
It also pays to make an assessment about the type of risks being faced. What kind of attacker are you more frightened of? Is it the Russian, Israelis, Chinese or any other security force? Or are you more worried about the everyday cyber-criminal.
For most of us the answer is likely to be the latter, in which case state sponsored cyber espionage isn’t likely to be a big deal. What you will want to know is what measures the provider of the antivirus software is taking to make sure it is safe from any threat.
In a world in which cyber threats are continuously evolving nothing can be 100% safe. No matter how good a company’s defences are, some people will be working to get around them and antiviruses are no different. The good news is that they, more than most, are alive to threat and will have built effective defences against it. So, unless you work for a Government agency, it’s unlikely that the Russians are coming for your computer.