Surveying 17 Anti-Virus Firms on Their Security Practices

Allegations that Russian intelligence agents somehow co-opted Kaspersky Lab’s anti-virus software, enabling them to search PCs for intelligence, raise questions not just about the security of the Moscow-based security firm’s products, but all anti-virus products.

To recap: Israeli intelligence allegedly hacked into Kaspersky Lab’s network and found Russian intelligence was already monitoring the company’s communications with endpoints, as well as running searches for interesting-looking files on customers’ PCs. Cue questions about whether Moscow-based Kaspersky Lab knew or abetted those intelligence efforts.

The allegations are a reminder that all anti-virus software is designed to run at a deep level on a PC, which is required to ensure it can excise malicious code. But such capabilities could be misused. Anti-virus software typically also sends copies of suspicious-looking files back to the vendor, so its malware researchers, often working with their peers in other security firms, can study the malware and create signatures. These signatures then get pushed out to all endpoints to better protect them.

Read full news article on