The UK spy agency GCHQ has joined US intelligence agencies in voicing concerns over Kaspersky anti-virus software and, in particular, banking group Barclays’ deal to provide Kaspersky subscriptions free of charge to users of its home banking service.
GCHQ fears that if those Barclays customers work for the military, government or even UK spy agencies, the anti-virus software could be used to gain access to their information and surreptitiously exfiltrate it without the target’s knowledge.
It comes after the US Department of Homeland Security introduced a ban on all Kaspersky products across the federal government in September, a ban that it claims it is on target to achieve.
However, the report adds that GCHQ has not directly shared its concerns with Barclays, raising questions over how seriously GCHQ actually takes the alleged threat.
The claims were made in the Financial Times, which reports that “concerns over its [Kaspersky’s] connections to the Russian secret state have been prevalent in western intelligence circles for some years”. These were first publicly aired in 2015 when Kaspersky co-founder and CEO Eugene Kaspersky was pictured by Bloomberg sharing a sauna with senior Russian intelligence officials.
The FT suggests that US intelligence officials believe that the trove of US National Security Agency (NSA) malware tools, published last year by an unknown group calling itself the Shadow Brokers, was originally acquired by Kaspersky.
The only solid evidence presented so far, however, has been a case where the anti-virus software’s heuristics correctly identified US National Security Agency (NSA) malware that an NSA worker had taken home to toy with and, as any anti-virus software does these days, sent the malware sample back to base for further analysis.
The company claimed that it deleted the sample as soon as it realised where it came from. However, Kaspersky as a company has also been at the forefront of research into the Equation Group, whose tools have been linked with US intelligence agencies.
The increased use of online tools and malware by intelligence agencies has inevitably brought them into contact, and conflict, with security software makers. Some fingers have also been pointed at Western anti-virus software companies, with suggestions that their products have been surreptitiously designed to ignore US, UK and other Western intelligence agencies’ own malware.
Kaspersky has also been involved in forensics investigations around the world that have brought it into conflict with the US. It was, for example, the first to identify Stuxnet, the worm used by US intelligence agencies to disrupt Iran’s nuclear development programme between 2005 and 2010.
According to the FT, Barclays is planning to end its deal with Kaspersky, but cites commercial reasons rather than security.
As for Kaspersky and its links to Russian government figures – that is unavoidable in a kleptocracy like Russia, where any business that achieves a reasonable size and profitability needs ‘friends’ in government for protection and to prevent it from being sequestered, one way or another, by other government insiders.