BSI warns against Kaspersky virus protection products

Sophos as a free alternative for students and employees of the TU Darmstadt

2022/03/16

Yesterday, Tuesday, the Federal Office for Information Security (BSI) warned against the use of virus protection products from the manufacturer Kaspersky and recommended the use of alternative products. The IT Security Staff of TU Darmstadt agrees with this recommendation. As a member of the TU Darmstadt, you can install the virus protection programme Sophos, for example, free of charge.

The virus protection programme Sophos provided by the HRZ can be used free of charge by all employees and students of the TU Darmstadt. Details and download at www.hrz.tu-darmstadt.de/antivirensoftware.

Important note for your security! When using Sophos, please make sure that the systems are in the network of the TU Darmstadt, the VPN of the TU Darmstadt or your research department network so that they receive the appropriate updates.

Background to the warning about Kaspersky products

The BSI writes: “Antivirus software, including the associated real-time cloud services, has far-reaching system authorisations and must maintain a permanent, encrypted and unauditable connection to the manufacturer's servers for system reasons (at least for updates). Therefore, trust in the reliability and self-protection of a manufacturer as well as its authentic ability to act is crucial for the secure use of such systems. If there are doubts about the reliability of the manufacturer, anti-virus software poses a particular risk to an IT infrastructure that is to be protected.

The actions of military and/or intelligence forces in Russia as well as the threats made by the Russian side against the EU, NATO and the Federal Republic of Germany in the course of the current armed conflict are associated with a considerable risk of a successful IT attack. A Russian IT manufacturer can carry out offensive operations itself, be forced to attack target systems against its will, or itself be spied on as a victim of a cyber operation without its knowledge, or be misused as a tool for attacks against its own customers.”

You can read the BSI's full warning here.

There is also an article on this at heise.de. You can read it here.