German cyber security agency BSI on Tuesday urged consumers not to use anti-virus software made by Russia’s Kaspersky, warning the firm could be implicated in hacking assaults amid Russia’s war in Ukraine.
Russia’s military and intelligence activities in Ukraine, and its threats to EU and NATO allies, particularly Germany, mean there is “a considerable risk of a successful IT attack”, the Federal Cyber Security Authority (BSI) said in a statement.
“A Russian IT manufacturer can itself carry out offensive operations, can be forced to attack target systems against its will, or be itself spied on as a victim of a cyber operation without its knowledge, or be misused as a tool for attacks against its own customers,” the agency warned.
Companies and operators of critical infrastructure are particularly vulnerable but individuals could also be hit, the BSI said, inviting anyone in doubt to contact it for advice.
The US banned government agencies from using Kaspersky software as early as 2017.
Kaspersky has always rejected accusations that it works with the Kremlin. But its business was badly hit by the US ban, which came into effect at a time when the company’s software was installed on hundreds of millions of computers worldwide.
Military and cyber specialists fear that Russia’s invasion of Ukraine could lead to an outbreak of cyberattacks — a “cyber Armageddon” which would have major consequences for civilians in both countries and also globally, through a spillover effect.
But a worst-case scenario has so far been avoided, as the attacks observed appear to be contained in their impact and geographical scope.
Germany has in recent years repeatedly accused Russia of cyber espionage attempts.
The most high-profile incident blamed on Russian hackers to date was a cyberattack in 2015 that paralysed the computer network of the lower house of parliament, the Bundestag, forcing the entire institution offline for days while it was fixed.
Russia denies being behind such activities.