Spies may be watching your every online move if you have loaded Russian antivirus software on your computer.
The warning comes from Britain’s spooks at the National Cyber Security Centre.
The boss leading the fight against hackers and other online threats has warned government agencies not to load the software because the Kremlin could be exploiting secret back door security holes that give them unauthorised access to machines.
The warning was in a letter to the heads of the UK’s government agencies which was later released to the media.
The NCSC head Ciaran Martin explained in the letter that in cases where access to the information by Russia “would be a risk to national security, a Russia-based anti-virus company should not be chosen.”
Kaspersky Labs deny spyware claims
One Russian firm, Kaspersky Lab, denied the slur but is seeing their customers slip away as the US government issued a similar warning recently.
The lab has denied claims that their software is linked to Russian security agencies
“We have no unethical ties or affiliations with any government, including Russia and have never helped, nor will help, any government in the world with cyberespionage or offensive cyber efforts,” says a company spokesman.
But they are hardly going to admit their software, which is loaded on to millions of machines in homes and businesses across the globe is spyware.
The NCSC is challenging Kasperky to verify their pledge by allowing governments to independently verify their software is secure.
Fears for antivirus software
But the NCSC has more general concerns about the future of anti-virus software.
“To work properly, anti-virus software must be highly intrusive within a network, so it can find malware and be able to communicate back to the vendor,” said Martin.
“We need to be vigilant to the risk that an antivirus product under the control of a hostile actor could extract sensitive data from that network, or indeed cause damage to the network itself. That’s why the country of origin matters.”
However, the NCSC is urging non-government users not to panic if they have Kaspersky software on their machines.
“Analysis of Russian state intent is that it targets national security interests, not personal or business users,” said Martin.