Germany Warns Kaspersky Could Be Used to ‘Attack’ During Ukraine Invasion

The German Federal Office for Information Security (BSI) published a warning on Tuesday recommending readers replace antivirus software from Russian cybersecurity firm Kaspersky with other products.

The announcement is the latest in a long line of accusations and moves against the company, including the U.S. government banning the use of Kaspersky products from government systems in 2017. The announcement comes as Russia continues its brutal invasion on Ukraine and fires missiles into its capital Kyiv.

“The actions of military and/or intelligence forces in Russia and the threats made by Russia against the EU, NATO, and the Federal Republic of Germany in the course of the current armed conflict are associated with a considerable risk of a successful IT attack,” a translated version of the announcement reads. “A Russian IT manufacturer can carry out offensive operations itself, be forced to attack target systems against its will, or be spied on without its knowledge as a victim of a cyber operation, or be misused as a tool for attacks against its own customers.”

In a related FAQ section, the BSI added that “The warning relates in particular to strategic goals. It is to be expected that state institutions, critical infrastructures, companies in the special public interest, the manufacturing industry and important areas of society may be affected.”

Kaspersky, for its part, told Motherboard in a statement: “We believe this decision is not based on a technical assessment of Kaspersky products—that we continuously advocated for with the BSI and across Europe—but instead is being made on political grounds. We will continue to assure our partners and customers in the quality and integrity of our products, and we will be working with the BSI for clarification on its decision and for the means to address its and other regulators’ concerns.”

“At Kaspersky, we believe that transparency and the continued implementation of concrete measures to demonstrate our enduring commitment to integrity and trustworthiness to our customers is paramount. Kaspersky is a private global cybersecurity company and, as a private company, does not have any ties to the Russian or any other government,” the statement added.

In its statement, Kaspersky pointed to how its data processing infrastructure was relocated to Switzerland in 2018, and that files shared by German users of its products are specifically processed by two data centers in Zurich.

Kaspersky has long faced accusations that its software could be weaponized by Russian authorities. In one earlier case, Kaspersky’s antivirus software was installed on the home computer of NSA worker Nghia Hoang Pho. The software uploaded a collection of classified files and code that Pho had taken home. Eugene Kaspersky, the company’s founder, ordered for the material to be deleted once the upload was discovered.

Eugene Kaspersky has tried to maintain a line of neutrality around the invasion of Ukraine, tweeting recently that he hoped negotiations between Ukraine and Russia would lead to “a compromise.”

In its statement on Tuesday about the BSI announcement, Kaspersky as a company toed a slightly different line.

“We believe that peaceful dialogue is the only possible instrument for resolving conflicts. War isn’t good for anyone,” the statement read.

Subscribe to our cybersecurity podcast, CYBER. Subscribe to our new Twitch channel.