Moscow-based anti-virus software maker Kaspersky has responded to Germany's Federal Office for Information Security (BSI) recent recommendation to use alternative products in the wake of the Russian invasion of Ukraine. The tech company said the warning was based on "political grounds" and not determined on technical assessments of its cybersecurity tools.
Kaspersky countered the BSI's warning in an official statement on Tuesday, insisting to its partners and customers in Germany that it is a private cybersecurity company with operations in different parts of the world. The company added that, as a private company, it has no ties with the Russian government.
"We believe that peaceful dialogue is the only possible instrument for resolving conflicts," Kaspersky said. "War isn't good for anyone." The company added that it aims to work with BSI for clarifications and to address its concerns.
The company's statement comes shortly after the BSI officially recommended German companies and agencies using tools developed by Kaspersky to use alternative software products for cybersecurity. "The actions of military and/or intelligence forces in Russia and the threats made by Russia against the EU, NATO and the Federal Republic of Germany in the course of the current armed conflict are associated with a considerable risk of a successful IT attack," BSI's press release reads (via machine translation).
Germany's federal infosec agency warned that a Russian IT company such as Kaspersky could launch operations on its own or be forced by the Russian government to "attack." The BSI also noted that operations of Russia-based tech companies could be placed under surveillance without its knowledge or be used against its customers.
Kaspersky also pointed out that it has moved its data processing facilities to Switzerland as of 2018. The company added that "malicious and suspicious files voluntarily shared" by its customers in Germany are being processed in two data centers located in Zurich. Other statistics shared from computers and networks using Kaspersky products are processed in facilities around the world, including Canada and Germany, the company said.
Despite BSI's warning, the agency is not banning Kaspersky's products in Germany. But it is encouraging German companies and organizations to conduct their own assessments or consult with BSI-certified IT security service providers.