Is Kaspersky antivirus a security concern? Best alternatives

Russian-owned companies have come under intense pressure from the West, and more boycotts and sanctions are expected as the conflict continues.

What is uncertain, however, is what effect financial or technological sanctions could have on Kaspersky antivirus protection. At the time of writing we understand the software is still updating; however, Solace Cyber is advising clients to anticipate the possibility of disruption in service.

Concerns about Kaspersky antivirus aren’t new. The National Cyber Security Centre issued warnings against Kaspersky back in 2017, relating to allegations from the US government that Kaspersky Labs had worked on secret projects with Russia’s Federal Security Service.

The NCSC wrote to all government departments warning against the use of Kaspersky’s antivirus software, claiming there could be a risk of data being exploited by the Russian government and national security being compromised as a result.

Although there are no proven links between Kaspersky and the Russian FSS, Kaspersky has gone to great lengths to repair the damage, running transparency campaigns in an effort to rebuild trust following boycotts from the US and Dutch governments.

Solace Cyber technicians have seen antivirus routinely disabled or uninstalled as part of attacks from groups like Conti Ransomware. Our advice to all customers is therefore that signature-based antivirus protection is no longer sufficient to deter new advanced cyber attacks.

While antivirus can prevent some types of ransomware, it lacks the intelligence that next-generation machine-learning-based solutions provide. We recommend replacing antivirus with Endpoint Detection and Response (EDR), which uses AI to understand abnormal behaviour and, critically, can stop a virus in its tracks before it spreads and exfiltrates data within an organisation.

If you are looking at changing your antivirus, Solace Cyber can step in quickly and replace your Kaspersky solution with next-generation Fortinet Endpoint Detection and Response (EDR).

This is part of our 8-step cyber security journey, to optimise your resilience to cyber threats.