Security warning Kaspersky, The security warning against the use of Kaspersky software published in March by the Federal Office for Information Security (BSI) is controversial.
Research by Bayerischer Rundfunk (BR) and “Spiegel” suggests that the justification of the BSI is based primarily on presumed political assumptions and not on technical and scientific expertise.
As the two media report, a department head at the BSI used to issue a warning because the Russian state could have already exploited the company: “Hackers could have already completed their preparations and are only waiting for an order to use them”.
However, another department head at the BSI opposed this conclusion and argued that that the existence of a security gap – which would undoubtedly justify a warning – had not been clearly explained: “However, this seems to me to be particularly important here, since we cannot currently prove a technical security gap” it continues.
At the same time, attention was drawn to it that Kaspersky launched its servers years ago relocated to Switzerland to avoid access by the Russian government. The security warning was issued despite these concerns.
Dennis-Kenji Kipker, professor of IT security law at the university Bremen, accuses the “Spiegel” according to the BSI of basing its justification on assumptions and pure speculation. The BSI worked “clearly on the basis of the result” and made the decision without providing a justification or justification. This only came about afterwards.
As a result, this is not based on a technical-professional assessment, but only on a political assessment of the situation.
According to Kipker, the BSI should only have warned about Russian software in general and not explicitly about the company’s products. If they applied the same standards to non-Russian products, it would have to be warned against Chinese, American and Israeli software solutions. The BSI, on the other hand, sees it differently.
A spokesman told “Spiegel” that the court decisions to date have “confirmed his assessment of the current risk situation and the resulting warning against the use of virus protection software from the Russian manufacturer”.
In mid-March, just under two Weeks after Russia’s invasion of Ukraine, the B.S.I. issued a security alert regarding products from the Russian security company Kaspersky.,The allegations were that Kaspersky could either conduct offensive operations itself or could be forced to do so against his will.
The BSI was also convinced that Kaspersky products could be used for cyber espionage or for cyber attacks on the company’s customers.