UK government urged to swerve Russia-based AV companies

All UK government departments could effectively be banned from using anti-virus (AV) software developed by Russian companies including Kaspersky amid fears regarding national security.

This comes following warnings from the National Cyber Security Centre (NCSC) that addressed the issue of supply chain risk in cloud-based products, including AV software and explained “how departments should approach the issue of foreign ownership of AV suppliers.”

A guidance note published by the NCSC was fairly blunt, saying: “Where it is assessed that access to the information by the Russian state would be a risk to national security, a Russia-based AV company should not be chosen.”

It added: “In practical terms, this means that for systems processing information classified SECRET and above, a Russia-based provider should never be used.”

A blanket ban on Kaspersky software across UK government would resemble a similar move on the other side of the Atlantic from September, when at least six US federal agencies were ordered to wipe and replace any Kaspersky software from government networks within 90 days.

However, the NCSC’s warning has already had repercussions. Over the weekend, Barclays Bank emailed 290,000 online customers to announce it had suspended offering free Kaspersky anti-virus products as a “precautionary decision”.

NCSC's technical director Ian Levy doesn’t believe the general public should uninstall their Kaspersky software just yet though.

"We really don't want people doing things like ripping out Kaspersky software at large as it makes little sense," he added.