The allegations that Kaspersky passed sensitive US Government information to Russian agents have people wondering how trustworthy their antivirus software actually is. So, should you avoid it?


Ever since the Washington Post published a story about the possible connections between antivirus vendor Kaspersky and Russia, the company has been working hard to protect its reputation. Government agencies and individual buyers have been turning their backs on the company, but is this a fuss over nothing?


Red under the bed

Kaspersky certainly say so. 


“Kaspersky Lab does not have any inappropriate ties to any government, including Russia, and has never helped any government with its cyber espionage efforts.”


The company added, “The only conclusion seems to be that the company remains caught in the middle of an ongoing geopolitical fight.”


Their CEO has also visited a number of countries and has reiterated the company’s message that it isn’t spying. Whether you believe that is a matter of judgement. If someone comes up to you and declares “I am definitely not a spy,” it is perhaps reasonable to be cautious.


The company stands accused of flagging NSA files brought home by a hapless NSA security contractor and transmitting that information back to the intelligence services in Russia. The accusation comes in an environment in which Russia is being accused of colluding in everything from the US election to Brexit, and could prove fatal to Kaspersky. If it can’t be trusted, then why would anyone use it?


An innocent explanation?


Kaspersky’s explanation is pretty detailed. If you want to blame someone, they say, look at the NSA contractor. Not only did he think it was a good idea to view highly classified information on his home computer, but that computer was running a pirated version of Word which had been infected with malware.


Kaspersky says it was simply doing its job. It identified the malware on the Word document, but while it was performing the clean-up operation it also identified the NSA file as suspicious and sent it back to its labs for analysis. 


A question of trust


It’s a plausible explanation, but the story highlights the immense trust we must give to antivirus software. In order to do their job, they require access to every single file on the computer. Lots of viruses try novel ways to outwit the antivirus, so it is not unusual for software to send suspect files back to headquarters for further analysis. This helps them assess whether it is indeed a threat and update their own defences accordingly. 


Kaspersky is one of the leading names in the antivirus sector, and has been doing trailblazing work addressing some of the latest threats out there. It’s one of the most reputable players in a growing market, but if its credibility is undermined, can it continue to function?


The problem for Kaspersky is that many people aren’t waiting for proof. ‘Why take the risk?’ they ask. Given the large number of antivirus products out there, why run the risk of installing one which may not be trustworthy? However, what about those who already have the software? Finding and installing a new antivirus is onerous and expensive. Furthermore, antivirus vendors have plenty of links to organisations around the world that might not be immediately obvious. The question of trust extends beyond Kaspersky and over the entire industry.


Government agencies and major corporations appear to be falling into the ‘why risk’ group. Governments in the US and the UK have been advising any departments running Kaspersky to uninstall their software. Given the amount of sensitive and classified data they store, that is understandable. The allegations may or may not be true, but why take the risk? 


On the flip side, though, uninstalling software which has been performing well also represents a risk. It interrupts your defences, leaving a gap which a smart piece of malware may be capable of exploiting.


Is it safe?


The question depends on whether or not you think you are a likely target of government espionage. 


With or without their consent, no antivirus will be 100% safe from attack – and given the amount of access they have, they are good targets for any government spy, or cyber criminal. However, that’s only a problem if you’re a likely target for the Russians.


For example, if you’re a government contractor, prone to viewing classified material on unprotected home computers, perhaps you should think hard about your security arrangements. For the rest of us – the sad truth is that the Russians probably aren’t interested in what they can find on our computers, or indeed anything else about us.