Kaspersky case: the moves of Italy, France and Holland compared

by Chiara Rossi

All the main IT systems of the Italian institutions use Kaspersky antivirus software, but so far the Cybersecurity Agency has not outlined any risks, unlike the French Anssi. And in the Netherlands, the government banned the use of the antivirus in 2018.

The Kaspersky case continues in Italy. With the cyber escalation that goes hand in hand with the military one between Russia and Ukraine, our country is also raising its alert level. But in addition to the risk of cyber attacks against critical infrastructures in Italy, there are also questions about the possible risks associated with the use of software designed by a Russian company that connects to servers in Moscow. In fact, from Palazzo Chigi to the Ministry of Defense, from the Ministry of Justice to the Ministry of the Interior (Department of Public Security), the Kaspersky antivirus is currently installed on all the main IT systems of Italian institutions. So much so that on February 28 Paolo Nicolò Romano, a deputy of the Mixed Group, filed a parliamentary question for written answer at the Chamber of Deputies precisely on the potential risks of Kaspersky in Italy. But the National Cybersecurity Agency (Acn) has not yet spoken on the matter, unlike its French counterpart. In France, the National Agency for the Security of Information Systems (Anssi), the authority in charge of the state's cyber security, has issued a bulletin on the subject, while in the Netherlands the government went as far as banning the use of Kaspersky software in government systems as early as 2018.

THE RUSSIAN ANTIVIRUS ON THE INFORMATION SYSTEMS OF ITALIAN INSTITUTIONS

In Italy, numerous entities, including the police, the carabinieri and the ministries of the Interior, Justice and Defense, use and purchase Kaspersky antivirus software. Many computers of the most important Italian security agencies therefore run software produced in Russia which, every day, connects to servers in Moscow to exchange data and download any updates.

KASPERSKY DENIES TIES WITH THE RUSSIAN GOVERNMENT

Kaspersky Lab is based in the UK and is one of the main players in the antivirus/antimalware market. As Zdnet reports, "the company has significant R&D capabilities in Russia, even though its main R&D center was relocated to Israel in 2017". Zdnet also recalls that it is believed that "the founder of the company, Eugene Kaspersky, has strong personal ties with the Putin administration". Kaspersky has repeatedly denied allegations of links with the Russian government. But there is a reason why the connection is under scrutiny, the American tech magazine observes. "If Russia wants to attack the West, it has a channel ready to do so: anti-malware software designed to defend itself against this risk," warns Zdnet.

THE CERTIFICATION OF THE MISE

Meanwhile, in Italy, Kaspersky Lab obtained a security certification from Mise a month ago that allows its software to be used even at the highest levels of public administration. The Ministry of Economic Development (Directorate-General for Communications Technologies and Information Security, Higher Institute of Communications and Information Technologies), based on the processing carried out at the Hungarian CCLab Software Laboratory, has issued a CC EAL2+ security certification that makes the Kaspersky software formally eligible to run in classified environments. (See Umberto Rapetto's in-depth analysis on Startmag: Can you rest easy with Kaspersky?)

ACN HAS NOT SPOKEN OUT

As mentioned at the beginning, so far the National Cybersecurity Agency, headed by Roberto Baldoni, has not issued any notes on the risk posed by Kaspersky.

HOW THE AGENCY FOR THE SECURITY OF INFORMATION SYSTEMS IN FRANCE MOVED

Things went differently in France. On 2 March Anssi issued a CERT-FR bulletin on the potential cyber effects on French entities linked to Russia's invasion of Ukraine. Among the recommendations it makes to strengthen the level of protection, the national agency for the security of information systems writes that, "in the current context, the use of some digital tools, in particular the tools of the company Kaspersky, can be involved because of their link with Russia". So does the French agency fear repercussions from the use of the Russian Kaspersky software?

THE FEARS OF ANSSI

This is not the case at all, as Channelnews.fr explains. Rather, the agency fears that "Russia's isolation in the international arena and the risk of attack on Russian-related industrial players [could] affect the ability of these companies to provide updates to their products and services and therefore to keep them at the state of the art necessary to protect its customers". It is therefore not Kaspersky's alleged ties to the Russian state that are in question, but rather its ability to maintain state-of-the-art cybersecurity over the long term.

THE RECOMMENDATIONS PROVIDED

Hence the recommendation “to consider a strategy of diversification of cybersecurity solutions in the medium term”. Furthermore, ANSSI specifies that "at this stage no objective element justifies a change in the assessment of the quality level of the products and services provided". Therefore, “without a replacement solution, the disconnection of cyber security tools can significantly weaken the cybersecurity [of] organizations […] cannot be recommended”, the bulletin concludes. Anssi therefore does not consider the use of Kaspersky software a risk in the immediate future. However, the French agency recommends that customers prepare a plan B as a precaution.

THE KASPERSKY BAN FOR GOVERNMENT INSTITUTIONS IN THE NETHERLANDS SINCE 2018

Finally, remember that there is a European country that banned Kaspersky software within the national government as long as 4 years ago. In 2018, the Dutch government said it had decided to phase out the use of antivirus software made by Kaspersky Lab "as a precaution". It then advised companies involved in safeguarding vital services to do the same. And to date, Minister of Justice and Security Dilan Yesilgöz does not want to review the government's ban on Kaspersky. The risk analysis conducted in 2018 shows that there are no concrete indications that Kaspersky actually poses a risk to the Netherlands. Conclusive evidence for any of the scenarios outlined cannot be found in public sources, the report says. Consequently, it can neither be asserted nor excluded that Kaspersky poses a threat to national security in the Netherlands. Furthermore, the Dutch report also states that Kaspersky is likely forced by the Russian government to cooperate, but does not want to. It is also likely that Kaspersky was infiltrated and compromised by a government other than the Russian one (unknowingly). The report therefore acknowledges that other antivirus companies are also at risk.
