Update 03.28.22: The FCC has added Russia-based Kaspersky to its list of companies posing unacceptable risk to national security. Source: CyberScoop.com.
The Russian incursion into Ukraine highlights a new era in cyber warfare that impacts individuals and organizations around the world. It represents a time when people can no longer rely upon their geographic location to separate themselves from conflict. While the conventional wars of years past were confined to specific locations, today’s battles are also waged across a digital space that encompasses the globe. This point was emphasized recently by Germany and Italy, who released separate statements cautioning users of potential cyber risks associated with Kaspersky software.
The warnings alerted users that the Russian government could pressure Moscow-based Kaspersky to perform cyberattacks, a scenario Kaspersky vehemently denies. Yet, this is not the first time Kaspersky Labs has faced allegations of collaborating with the Russian Federal Security Services (FSB). In 2017, Kaspersky products were banned from U.S. government agencies after the Department of Homeland Security accused the company of cyber espionage. In December of the same year, Britain’s National Cyber Security Centre (NCSC) also issued a warning against using Russian antivirus (AV) products.
The NCSC warning outlined the multiple dangers of using an AV vendor who may be susceptible to malicious influence. Specifically, the nature of most AV solutions requires that the software to be “highly intrusive” within the environment, in order to locate malware. The AV solution must also have a system to communicate its findings back to the vendor, in many cases across international boundaries. For these reasons, the NCSC advises organizations against using an AV company hosted in a foreign nation whose government may become hostile.
From a cybersecurity perspective, the current circumstances in Ukraine favor unscrupulous actors while placing legitimate organizations and citizens at a severe disadvantage. The global digital space is not a place of hard boundaries or easily verifiable national identities. Russia hosts many capable and historically active cyber threat groups. Recent evidence of this grim reality includes numerous destructive cyberattacks targeting institutions in Ukraine. Ukraine, for its part, says hundreds of thousands of IT specialists are assisting their own war efforts. There are also stateless actors, like Anonymous, who have entered the conflict and conducted successful operations against Russian email systems and news channels.
The increased cyber activity from nation states and hacker groups creates chaos that provides cover to threat actors worldwide. Advanced persistent threat groups (APTs) often copy the techniques, tactics, and procedures (TTPs) of other attackers to conceal their own identity. The conflict in Ukraine creates opportunities for APTs to mask their identities, deploy war-themed lures, and better obfuscate their activities while striking targets worldwide. This puts every organization, everywhere, at an increased risk of cyberattack.
Many organizations may be wondering if their legacy AV solutions are trustworthy and able to protect them against modern or nation-state attacks. They may be further concerned that replacing their current cybersecurity toolset will temporarily expose them to increased risks or disrupt operations. BlackBerry recommends that these companies seek an effective, simple, and harmonious cybersecurity replacement that can gradually be phased in with their current technology.
To that end, BlackBerry offers a proven portfolio of cybersecurity solutions that solve the issues of intrusive, antiquated AV products. BlackBerry deploys advanced artificial intelligence (AI) in multiple configurations, cloud-based and on-premises, to protect your environment, users, and data on a 24x7x365 basis. Our Cylance® AI engine is trained on billions of file features, giving it the ability to detect and prevent both known and zero-day malware. Applying this same AI training process to indicators found in network, access, and human behavior patterns allows Cylance AI to recognize countless types of cyberattacks. Our award-winning managed services team offers a seamless migration process for upgrading your organization’s security posture without suffering disruptions or overtaxing your IT staff. Interested parties are encouraged to request a BlackBerry® consultation.
Today’s business environment demands cybersecurity solutions you can rely on to detect and prevent cyberattacks before they cause damage. To protect your organization with a trusted, prevention-first, AI-driven platform, visit our antivirus replacement solution page today.