Germany’s computer and communication security agency is advising users of Kaspersky’s antivirus software to find alternatives to the Russia-based company’s products.
In a short alert Tuesday, the Federal Office for Information Security, or BSI, did not accuse Kaspersky of any specific violations of customers’ trust, but it referred to Russia’s hostility toward the European Union, NATO and Germany itself as the invasion of Ukraine continues.
“A Russian IT manufacturer can carry out offensive operations itself, be forced to attack target systems against its will, or be spied on without its knowledge as a victim of a cyber operation, or be misused as a tool for attacks against its own customers,” the BSI said, according to a translation of the statement.
Kaspersky has always said that it operates separately from Russia’s government, and company founder Eugene Kaspersky maintained an air of neutrality about the Ukraine invasion in a tweet in early March. The German warning, however, echoes the concerns that led the U.S. government to ban Kaspersky products from federal agencies in 2017.
“Companies and authorities with special security interests and operators of critical infrastructures are particularly at risk,” when IT products are potentially compromised by foreign governments, the BSI said.
Kaspersky responded with a statement saying that the BSI’s alert was based on political motives and not technical assessments, according to Germany-based tech journalist Hakan Tanriverdi. The company did not immediately respond to a request for comment from CyberScoop.
The company said in 2020 that it had moved all its data-processing from Russia to Switzerland. It also has opened “transparency centers” in Canada, Europe and elsewhere, for customers to review its code.
Kaspersky’s reputation for cyberthreat research remains strong, and it employs analysts from countries far beyond Russia. One of those researchers, Ivan Kwiatkowski, posted a defense of the company and its work on his personal website on March 9.
Kaspersky has faced pressure on other fronts: Last week it was forced to deny rumors that its source code had been stolen in a hack.