The CEO of U.K.'s National Cyber Security Centre (NCSC) on Friday warned British government agencies to avoid using anti-virus software from Russian companies, including Kaspersky.
In a letter to departmental permanent secretaries, the director of the UK National Cyber Security Centre, Ciaran Martin, said Russian-made anti-virus software should not be used in systems containing information that would harm national security if it was accessed by the Russian government.
Provided that an antivirus software must be highly intrusive within a network so it can find malware, and also should be able to communicate back to the vendor so it knows what it is looking for and what needs to be done to defeat the infiltration, it could cause damage to the network itself
under the control of a hostile actor.
"That's why the country of origin matters," the letter reads, adding that "Russia is acting against the UK's national interest in cyberspace," and that "a Russia-based AV company should not be chosen."
Martin said his agency is in talks with Kaspersky Lab to develop a system for reviewing its products for use in Britain. In particular, NCSC is seeking "verifiable measures to prevent the transfer of UK data to the Russian state."
Kaspersky's anti-virus software was banned from U.S. government networks earlier this year on concerns the company has close ties to intelligence agencies in Moscow and that its software could be used to enable Russian spying.
Kaspersky Lab said in a statement that it looked forward to working with the NCSC on the issue.
Kaspersky has denied allegations about the safety of its products or ties to the Russian government, saying it has become a scapegoat in the midst of rising tensions between Washington and Moscow.