FCC puts Kaspersky on security threat list

FCC puts Kaspersky on security threat list: what do you do if your Canadian business using Kaspersky Antivirus products?

FCC ruling

The Federal Communications Commission of the United States declared Kaspersky security products post an unacceptable risk to the United States national security.

Why? The FCC is worried that the Russian government will compel Kaspersky to put backdoors into their product to spy on the U.S. government and U.S. companies. This action is part of the Ukraine/Russia war.

Kaspersky

Kaspersky denies there are any Russian government backdoors in their products. However the Russian government could compel them to do so. If the situation in the Ukraine worsens (for either side), it is possible the Russian government would take more drastic steps. As recently as October 2021, Microsoft reported the Russian government is behind 58% of all detected state sponsored hacking.

Russian hackers have been attacking Ukrainian software and web sites for years. The infamous NotPetya ransomware was aimed at a Ukrainian accounting software program (and tangled up multinationals Maersk and Merck).

Antivirus testing companies have consistently rated Kaspersky products highly for both consumers and businesses for many years.

UK Cyber Security Advice

The UK’s National Cyber Security Centre announced March 30th advised users of Russian technology products to reassess the risks. They mention Kaspersky products at this time pose no risk but that could change.

What do you do?

At this point I recommend you cancel and not renew any Kaspersky products. I like Kaspersky products but the risk of using any Russian software at this point is too high.

As with NotPetya, your company could be collateral damage of Russian hacking. Also, I suspect insurance companies will start asking if you’re using any Russian software to cover their cyber assets.

Depending on your business needs/software/setup, there are other products such as ESET and Avast that work well for most businesses. ESET comes from Slovakia, Avast from Czech Republic. I don’t recommend free products as they are usually free so they can sell your computer information. Norton has recently bundled an Etherium bitcoin miner with their 360 product (the company receives 15% and it is difficult to remove). Antivirus slows down computers enough without adding to the problem with a bitcoin miner. And Norton was already notorious for being a computer resource hog.