Why The government wakes up on Kaspersky by Chiara Rossi

A regulation is coming to start the replacement of the Russian Kaspersky antivirus, currently active in about 2700 public administrations

The Italian government takes cover on Kaspersky and stops the Russian antivirus. A rule is on the way to allow public administrations to stop using the Russian Kaspersky antivirus and start replacing it. This was announced yesterday in the Senate by Undersecretary to the Presidency of the Council, Franco Gabrielli, with responsibility for the Services "to dispose of not only Kaspersky, but also other Russian platforms that are available to Consip and the Public Administration". As reported by Repubblica, the law provides for the allocation of “funds to buy a new one and avoiding problems of a tax nature to those who legitimately bought it in recent years. An emergency measure, which will be approved in the next few hours by the Council of Ministers, confirming how much the issue of information security is linked to Russian products, first of all those of the global cybersecurity giant, represents today for the Italian government an ' absolute emergency ". In fact, the move follows the alarm launched by the National Cybersecurity Agency, according to which it is "appropriate to consider the security implications deriving from the use of information technologies provided by companies linked to the Russian Federation". In fact, since the escalation of the crisis in Ukraine, experts have been wondering about the risks associated with the use of information technologies provided by companies linked to Russia. From Palazzo Chigi to the Ministry of Defense, from the Ministry of Justice to the Ministry of the Interior - Department of Public Security, the Kaspersky antivirus is currently installed on all the main IT systems of Italian institutions. All the details. THE RUSSIAN ANTIVIRUS ON THE INFORMATION SYSTEMS OF ITALIAN INSTITUTIONS In Italy, about 2,700 public bodies, including the police, carabinieri, Ministry of the Interior, justice, defense use and acquire Kaspersky antivirus software. On many computers of the most important Italian security agencies there is therefore a software produced in Russia, which, every day, connects to servers in Moscow to exchange data and download any updates. THE CERTIFICATION OF THE MISE Meanwhile, on January 26, Kaspersky Labs obtained a security certification from the Mise in Italy that allows it to be used even at the highest levels of the public administration. The Ministry of Economic Development, Directorate-General for Communications Technologies and Information Security Higher Institute of Communications and Information Technologies, based on the processing in the Hungarian CCLab Software Laboratory, has issued a CC EAL2 + security certification such as to make the Kaspersky software formally eligible to run in classified environments. THE ACN ALARM However, the evolution of the conflict in Ukraine could "jeopardize the reliability and effectiveness of information technologies provided by companies linked to Russia. Yesterday he thus alarmed the National Cybersecurity Agency, led by Roberto Baldoni. On the Csirt website, Italian companies are recommended "to urgently proceed with an analysis of the risk deriving from the IT security solutions used". And "to consider the implementation of appropriate diversification strategies with regard, in particular, to the following product categories for device security: antivirus; 'Web application firewall'; email protection; protection of cloud services; managed security services ". THE LOCATION OF KASPERSKY "Kaspersky is a privately held global cybersecurity company and, as a private company, has no connection with the Russian government or any other government." So the company replied in an official note. "The National Agency for National Security - he adds - stated that it would be 'appropriate to consider the security implications deriving from the use of information technologies provided by companies linked to the Russian Federation'. We share the fact that these statements are based on decisions related to a geopolitical problem related to the current context and are not the result of a technical evaluation of Kaspersky products. Precisely to support the risk analysis, we invite institutions to visit our transparency center in Zurich "concluded the company.