Germany advises against using Kaspersky software due to hacking risk

The BSI HQ building in Bonn, Germany
(Image credit: Getty Images)

Germany’s Federal Office for Information Security (BSI) has warned against using Kaspersky antivirus security products due to the company being headquartered in Russia.

The BSI said it recommends switching away from any Kaspersky product to another vendor because the company could be forced by the Russian state to carry out offensive cyber operations.

It also said Kaspersky could carry out such offensive operations in cyber space through its own will, can use its own products as a tool in attacks on its own customers, or be spied on without its knowledge.

Because of these factors, the BSI said there is a “considerable risk of a successful IT attack” as a result of current conflicts between Russia, the EU, NATO, and Germany.

It believes organisations that are tied to critical infrastructure or have other special security interests are particularly at risk of attacks linked to Kaspersky’s antivirus software and the BSI will advise any organisation that believes it may be affected.

“Antivirus software, including the associated real-time capable cloud services, has extensive system authorisations and, due to the system (at least for updates), must maintain a permanent, encrypted, and non-verifiable connection to the manufacturer's servers,” the BSI said in a statement.

“Therefore, trust in the reliability and self-protection of a manufacturer as well as his authentic ability to act is crucial for the safe use of such systems. If there are doubts about the reliability of the manufacturer, virus protection software poses a particular risk for the IT infrastructure to be protected.”

Kaspersky has denied any allegations that it is linked to the Russian state, or any other government across the globe, saying the BSI’s decision has not been made on the basis of technical analysis of its products.

“We believe this decision is not based on a technical assessment of Kaspersky products – that we continuously advocated for with the BSI and across Europe – but instead is being made on political grounds,” a Kaspersky spokesperson told IT Pro. “We will continue to assure our partners and customers in the quality and integrity of our products, and we will be working with the BSI for clarification on its decision and for the means to address its and other regulators’ concerns.

“At Kaspersky, we believe that transparency and the continued implementation of concrete measures to demonstrate our enduring commitment to integrity and trustworthiness to our customers is paramount. Kaspersky is a private global cybersecurity company and, as a private company, does not have any ties to the Russian or any other government.

“We believe that peaceful dialogue is the only possible instrument for resolving conflicts. War isn’t good for anyone.”

History of persecution

This isn’t the first time Kaspersky has been targeted by a country based on its alleged links to the Russian government, claiming that said links compromise its ability to safeguard the national security of countries other than Russia.


Edge-to-cloud security webinar

Safeguards your IoT devices that require Zero Trust


In 2017, the US accused Kaspersky of being able to surveil its customers, of which the US government was one, leading to its products being banned from use in federal government departments that year.

Kaspersky said at the time that it believed the decision was not being made on the basis of facts and had its appeals to overturn the ban thrown out of court. The cyber security company also launched a lawsuit against the Trump administration a week after the ban was imposed.

The UK’s National Cyber Security Centre (NCSC) also followed the US in advising all UK government departments against using Kaspersky security products. The EU labelled the company’s software products as “malicious”, leading to an EU-wide ban.

Following the wave of government bans, Twitter also prevented Kaspersky from placing ads on the social media platform, claiming its business model conflicts with its Twitter Ads business practices.

Connor Jones

Connor Jones has been at the forefront of global cyber security news coverage for the past few years, breaking developments on major stories such as LockBit’s ransomware attack on Royal Mail International, and many others. He has also made sporadic appearances on the ITPro Podcast discussing topics from home desk setups all the way to hacking systems using prosthetic limbs. He has a master’s degree in Magazine Journalism from the University of Sheffield, and has previously written for the likes of Red Bull Esports and UNILAD tech during his career that started in 2015.