Kaspersky Labs isn’t having a particularly good time of it. The company’s attempts to defeat the US ban on its products have been unsuccessful, the UK has banned all Russian software from government networks that carry traffic rated Secret or higher, and Kaspersky’s decision to move some of its infrastructure to Switzerland from Russia hasn’t prevented the Netherlands from planning to phase out its use of Kaspersky products, either.
Now, on top of these moves, the EU could adopt a resolution of its own to block the use of Kaspersky software. While the motion, which was voted on today, is non-binding, it follows a series of actions by various EU member and non-member states to restrict (or at least recommend restricting) the ways that the company’s software is deployed.
The text of the resolution name-checks Kaspersky specifically according to The Register, stating:
Calls on the EU to perform a comprehensive review of software, IT and communications equipment and infrastructure used in the institutions in order to exclude potentially dangerous programmes and devices, and to ban the ones that have been confirmed as malicious, such as Kaspersky Lab.
Kaspersky Lab would undoubtedly argue with the characterization of its own software as malicious, but it’s not clear how seriously those protests should be taken. Last year, evidence surfaced of a connection between Kaspersky and Russian intelligence, after Israel revealed it had been the one to detect Russian agents searching US computers and assets for keywords and code names in real time. Those searches were possible because of Kaspersky products installed on the machines in question. Kaspersky counter-attacked the allegations, but has offered no concrete refutation of them. More lately, it’s been tweeting very hard about its transparency initiative.
Want to know more about our on-going transparency initiative? Learn more here: https://t.co/nOdYdKIPPs pic.twitter.com/cCASKqZISk
— Kaspersky Lab (@kaspersky) June 12, 2018
The problem here is that any meaningful disclosure that would tilt the scales for or against Kaspersky’s overall innocence in this matter would probably also require the disclosure of intel that governments are unwilling to share. With that said, however, the fact that this issue continues to be taken up by various European countries could be considered at least circumstantial evidence that there could be some risk factors. Of course, the counter argument to that is that any unilateral, unequivocal evidence of foreign spying would probably have been treated as immediate grounds to dump Kaspersky by every Western government with access to the information.
If you’re happy with Kaspersky products and want to continue using them, the US government has not made its rationale for banning those products public knowledge, and the EU seems to think that the software remains safe for consumer use as well. The other view — and based on what we know, it’s equally valid — is that PC security is difficult enough without taking the chance that your AV solution is also designed to exfiltrate data in the event that the Russian government finds it interesting. (The chances that the Russian government finds any of our hard drives interesting is, needless to say, remote.)
In the past, has recommended a “better safe than sorry” approach and we continue to do so. Nonetheless, it’s only fair to note that while governments are collectively moving away from Kaspersky, that shift has not been accompanied by declarations that the software is compromised at the personal level. Despite what the EU statement says, Kaspersky products haven’t been “confirmed” as malicious — at least, not publicly.
US Air Force Considers Cutting F-35 Orders By a Third
The F-35 is so expensive, the Air Force may have to trim orders for the aircraft by a third if it can't get maintenance costs down.
FAA Considers Loosening Drone Regulations
Under a set of proposed rules, commercial drone operators could fly aircraft at night and use them over populated areas.
Adobe Reportedly Considering Manufacturing Own Processors
Adobe is reportedly considering building its own processors, which is great news for anyone looking to pay the company even higher annual license fees.
NASA Is Considering Plans for a Pluto Orbiter
NASA's New Horizons probe reached Pluto in 2015, but it zoomed past the dwarf planet in a matter of minutes because of its tremendous velocity. Now, the agency is considering the possibility of sending another mission to Pluto, but this one would stay in orbit to study the surface.