Ciaran Martin, the director of the U.K. National Cyber Security Centre, warned British agencies against installing Russian products including specifically Kaspersky software in a letter distributed to agency heads and published online Friday evening, December 1.
“The NCSC advises that Russia is a highly capable cyber threat actor which uses cyber as a tool of statecraft. This includes espionage, disruption and influence operations,” the letter said. “Russia has the intent to target U.K. central Government and the U.K.’s critical national infrastructure.”
“We advise that where it is assessed that access to the information by the Russian state would be a risk to national security, a Russia-based AV company should not be chosen,” Mr. Martin added wrote department heads. “In practical terms, this means that for systems processing information classified SECRET and above, a Russia-based provider should never be used.”
The NCSC has contacted Kaspersky about developing a framework for independently verifying its products, “which would give the government assurance about the security of their involvement in the wider U.K. market,” Mr. Martin wrote.