Russian AV firm Kaspersky has hit back at the German authorities after they advised organizations to replace the firm’s products due to heightened east-west tensions.
The Federal Office for Information Security (BSI) yesterday argued that critical infrastructure providers and organizations “with special security interests” were particularly exposed.
“The actions of the military and/or intelligence forces in Russia and the threats made by Russia against the EU, NATO and the Federal Republic of Germany in the course of the current military conflict are associated with a considerable risk of a successful IT attack” it explained.
“A Russian IT manufacturer can carry out offensive operations itself, be forced to attack target systems against its will, or be spied on without its knowledge as a victim of a cyber operation, or be misused as a tool for attacks against its own customers.”
However, in a strongly worded reply on the same day, Kaspersky claimed that, as a private company, it has no ties to the Russian government and that the BSI’s decision was a political rather than a technical one.
“Our data processing infrastructure was relocated to Switzerland in 2018: since then, malicious and suspicious files voluntarily shared by users of Kaspersky products in Germany are processed in two data centers in Zurich that provide world-class facilities, in compliance with industry standards, to ensure the highest levels of security,” the firm explained.
“Beyond our cyber-threat-related data processing facilities in Switzerland, statistics provided by users to Kaspersky can be processed on the Kaspersky Security Network’s services located in various countries around the world, including Canada and Germany. The security and integrity of our data services and engineering practices have been confirmed by independent third-party assessments: through the SOC 2 Audit conducted by a ‘Big Four’ auditor, and through the ISO27001 certification and recent re-certification by TÜV Austria.” Read more:https://bit.ly/3IcuqrT