Despite fears of cyber espionage, Barclays continues promoting Kaspersky products

Barclays will continue offering Kaspersky anti-virus giveaways

Amid the ongoing accusations expressed about Kaspersky anti-virus software engaging in espionage, UK multinational bank Barclays, the commercial partner of Russian anti-software company, finds itself in a complex situation.

UK spies have voiced their concerns that Kasperksky software could provide a gateway for spying on 2 millions of Barclays bank customers^[1]. The bank has cooperated with the software developer since 2008 and offered Kaspersky anti-virus tool for free to its customers.

Since then, 250 000 users are said to have used this opportunity to install the program. UK‘s intelligence agency GCHQ voiced their doubts. However, no actual evidence proving the concerns are provided. Barclays officials have issued the statement that they did not receive any warning from GCHQ or the National Cyber Security Centre (NCSC) to stop offering Kaspersky product to its clients^[2]. In contrast to these claims, the UK bank also admitted the decision to end partnership next year due to commercial reasons.

The roots of the conflict

The causes of the US government desire to purge Kaspersky software from the country might be traced to the reports about obtained NSA hacking tool from Kaspersky anti-virus US contractor's computer in 2014.

According to Eugene Kaspersky, his company analyst discovered the hacking tool which he later called associated with the Equation Group^[3]which is also called as NSA hacking tool^[4].

The owner of the company says that the malicious file which, possessed backdoor and spying features, was found in the company‘s software US contractor's PC after the latter tried to download a pirated version of Microsoft Office 2013.

The Kaspersky Lab analyst immediately informed Eugene Kaspersky. He, later on, commanded to delete the archive with the discovered claiming that the company did not need the source code to improve their protection technologies^[3].

The owner of the company also said that the file was not shared with any third parties. The explanation of the incident partially matches the article issued by the Wall Street Journal, though the latter claims the incident took place in 2015, while Eugene Kaspersky claimed it to occur in late 2014.

The Wall Street Journal article stated the contrary that the code was obtained by Russian hackers, who attempted to break into NSA network using Kaspersky software and the previously obtained hacking tool.

On the other hand, the founder of Kaspersky Lab recalls that the perpetrators, supposedly linked to Israel, hacked into their networks by using Dugu 2.0 spyware in 2015^[4].

Imitating Kaspersky software

Few might have spotted the findings published by WikiLeaks. It unraveled that US Central Intelligence Agency (CIA) wrote the code to imitate Kaspersky Lab^[5] software. The code was designed to leak important data.

The technique to foist malware by corrupting well- known security software digital certificates is steadily becoming a trend. CCleaner v 5.33^[6] case illustrates the phenomenon. In addition, Russian sources also elaborated on the CIA creation of Hive virus^[7].

In order to patch the deteriorated reputation, Eugene Kaspersky admitted submitting the source code of the anti-virus program for inspection by independent parties.

In short, the conflict still has too many holes in the story to come up with a verdict. On the final note, perhaps it would be useful to remember the lyrics of famous song – “clean up your own backyard.”