UK agencies warned off Russian anti-virus software maimed

The guidance was issued in an open letter to all UK permanent secretaries and released to the public on Saturday.

NCSC chief executive Ciaran Martin cautioned in the letter that in cases where access to the information by Russia 'would be a risk to national security, a Russia-based (anti-virus) company should not be chosen.'

The guidance goes further, adding that 'for systems processing information classified SECRET and above, a Russia-based provider should never be used.'



https://cde.instructure.com/eportfolios/282701/Home/ZipDownloadMp3_MojoMama_Red_White_and_Blues_Album_Download
https://cde.instructure.com/eportfolios/282700/Home/Download_Zip__Mp3_Origod__Solitude_in_Time_and_Spac_Full_Album_Download
https://cde.instructure.com/eportfolios/282699/Home/DOWNLOAD_ALBUM_Polo_Hofer__Duette_19772007_Zip_Mp3


US drops Kaspersky Lab

The UK government step follows a similar move by the United States in September, when the Department of Homeland Security ordered government agencies to remove any products from Moscow-based Kaspersky Lab because of security concerns.

The company has been battling allegations that it has links to Russian spy agencies. It rejects the allegations and said in September that it doesn't have 'unethical ties or affiliations with any government, including Russia' and 'has never helped, nor will help, any government in the world with its cyberespionage or offensive cyber efforts.'

Martin, of the NCSC, said the nature of anti-virus software gave cause for extra concern.

In order to work properly, anti-virus (AV) software must 'be highly intrusive within a network so it can find malware' and 'be able to communicate back to the vendor,' Martin said.

'We need to be vigilant to the risk that an AV product under the control of a hostile actor could extract sensitive data from that network, or indeed cause damage to the network itself,' he said. 'That's why the country of origin matters.'

Consumers told 'don't panic'

The NCSC said it was in discussions with Kaspersky Lab -- the largest Russian anti-virus software player in the United Kingdom -- with the aim of developing a framework that it can 'independently verify' in order to ensure security.

'We are seeking verifiable measures to prevent the transfer of UK data to the Russian state,' Martin said.

Martin said the guidance was for the time being directed only toward government departments because the center's 'analysis of Russian state intent is that it targets national security interests.'

The agency saw 'no compelling case at present to extend that advice to wider public sector, more general enterprises, or individuals' and urged people not to be alarmed, said its technical director, Ian Levy.

'Whatever you do, don't panic,' Levy said. 'We really don't want people doing things like ripping out Kaspersky software at large, as it makes little sense.'

Martin said the guidance was for the time being directed only toward government departments because the center's 'analysis of Russian state intent is that it targets national security interests.' The guidance goes further, adding that 'for systems processing information classified SECRET and above, a Russia-based provider should never be used.' 'We are seeking verifiable measures to prevent the transfer of UK data to the Russian state,' Martin said. Martin said the guidance was for the time being directed only toward government departments because the center's 'analysis of Russian state intent is that it targets national security interests.' 'We are seeking verifiable measures to prevent the transfer of UK data to the Russian state,' Martin said. 'We need to be vigilant to the risk that an AV product under the control of a hostile actor could extract sensitive data from that network, or indeed cause damage to the network itself,' he said. 'That's why the country of origin matters.' 'We need to be vigilant to the risk that an AV product under the control of a hostile actor could extract sensitive data from that network, or indeed cause damage to the network itself,' he said. 'That's why the country of origin matters.' In order to work properly, anti-virus (AV) software must 'be highly intrusive within a network so it can find malware' and 'be able to communicate back to the vendor,' Martin said. The UK government step follows a similar move by the United States in September, when the Department of Homeland Security ordered government agencies to remove any products from Moscow-based Kaspersky Lab because of security concerns. 'Whatever you do, don't panic,' Levy said. 'We really don't want people doing things like ripping out Kaspersky software at large, as it makes little sense.' US drops Kaspersky Lab The UK government step follows a similar move by the United States in September, when the Department of Homeland Security ordered government agencies to remove any products from Moscow-based Kaspersky Lab because of security concerns. The guidance goes further, adding that 'for systems processing information classified SECRET and above, a Russia-based provider should never be used.' Martin, of the NCSC, said the nature of anti-virus software gave cause for extra concern. The guidance was issued in an open letter to all UK permanent secretaries and released to the public on Saturday. 'Whatever you do, don't panic,' Levy said. 'We really don't want people doing things like ripping out Kaspersky software at large, as it makes little sense.' The NCSC said it was in discussions with Kaspersky Lab -- the largest Russian anti-virus software player in the United Kingdom -- with the aim of developing a framework that it can 'independently verify' in order to ensure security. The company has been battling allegations that it has links to Russian spy agencies. It rejects the allegations and said in September that it doesn't have 'unethical ties or affiliations with any government, including Russia' and 'has never helped, nor will help, any government in the world with its cyberespionage or offensive cyber efforts.'

#newsupdatenow