The German cybersecurity agency BSI on Tuesday urged customers not to use anti-virus software developed by Russia’s Kaspersky, saying the firm could be involved in hacking attacks during Russia’s war in Ukraine.
The Federal Cyber Security Authority (BSI) said in a statement that Russia’s military and intelligence activities in Ukraine and its threat to the EU and NATO allies, especially Germany, meant “there is a substantial risk of a successful IT attack”.
“A Russian IT maker may carry out an offensive operation on its own, be forced to attack a target system against its will, or be spied on as a victim of an unintentional cyber operation, or misused as a tool of attack against its own customers.” The agency warned.
Companies and critical infrastructure operators are particularly vulnerable but individuals can also be hurt, the BSI said, inviting anyone in doubt to contact for advice.
The U.S. banned government agencies from using Kaspersky software in early 2017.
Kaspersky has always denied allegations that it works with the Kremlin. But its business was badly damaged by the US embargo, which took effect at a time when the company’s software had been installed on millions of computers worldwide.
Military and cyber experts fear that Russia’s invasion of Ukraine could lead to an outbreak of cyber-attacks – a “cyber armageddon” that could have a spillover effect on civilians in both countries and around the world.
The worst-case scenario, however, has been avoided so far, as targeted attacks appear to be within their influence and geographic scope.
In recent years, Germany has repeatedly accused Russia of cyber espionage.
The most high-profile incident blamed on Russian hackers to date was a cyber attack in 2015 that crippled the computer network in the lower house of parliament, the Bundestag, forcing the entire organization offline for a few days.
Russia denies any involvement.