Though it doesn’t come as a surprise to most of the IT community, the Federal Communications Commission (FCC) recently added Russian software developer Kaspersky to its list of companies that should not be used by any entity that receives funding through the FCC. Given the current geopolitical climate, this move probably shouldn’t surprise most everyone else at this point as well. The Moscow-based security and antimalware company has been under significant scrutiny since 2017 after an explosive report from Bloomberg Businessweek exposed the company’s close ties to Russia’s intelligence agencies, leading to the software being banned on all U.S. civilian government networks shortly after its publication.
What this means for you
Depending on who you talk to (including C2), Kaspersky has been on the “no-fly” list for most (non-Russian) security advisors since at least 2017, and for many of my clients who grew up during the Cold War, the software has never been a consideration because of its Russian roots, even though it was considered highly competent in the early 20-teens. It was well regarded enough that it had enough American market penetration to the point that it had to be listed and banned to force its removal from the various U.S. government agencies that had based their choices on more technical versus patriotic considerations.
If you are using it, should you remove it? The answer is obvious if you are an entity that is covered by either the US government ban or the FCC’s prohibitions, but what about your family PC? Politics aside, there are enough solid replacements out there that sticking with Kaspersky isn’t worth potential risk or bad optics it presents to U.S. companies. As for your personal computer? It’s a personal choice, of course, but Kaspersky’s technology no longer stands out from the crowd so don’t give it an edge there. Go with an option that maybe has less baggage at the moment. For personal computers we like Webroot, Malwarebytes or Bitdefender, and if you don’t the extra cash for a paid antimalware platform, the built-in options on both Windows and Mac OS X are decent enough if you are vigilant and stay away from those questionable links in strange emails.
Image courtesy of Stuart Miles at FreeDigitalPhotos.net