I remember watching the pilot episode of Sherlock. In my admittedly limited knowledge and opinion, it was absolutely brilliant. Produced by the BBC, the 60-minute episode titled “A Study in Pink” was based on the first novel written by Arthur Conan Doyle, A Study in Scarlet, and follows the case of a strange number of deaths that the police, led by Detective Inspector Lestrade, can only describe as serial suicides. We’ll let you watch the series for the minute details in case you haven’t, but we will spoil the ending here: The murderer was a cabbie. Just before Sherlock and Dr Watson team up to take the culprit down, there’s a great rally of dialogue. In it, the cabbie confesses, saying, “See no one ever thinks about the cabbie. It’s like you’re invisible. Just the back of an ‘ead. Proper advantage for a serial killer.”
I loved that line at the time. I’d forgotten how much until reading up on the whole United States-Kaspersky fiasco. Thanks to the nature of its job, your antivirus is the foundation of your computer. In order to protect you from being compromised, it requires access to nearly every program, application, web browser, email and file. That requirement makes it the perfect weapon for clever hackers to manipulate if they want to do anything malicious. Your antivirus is the cabbie from that Sherlock episode. It’s an invisible threat.
According to a slew of reports around September last year, the Russian government used antivirus software from the private Russian company Kaspersky to steal classified U.S. data from the home computer of a National Security Agency (NSA) developer. In truth, many intelligence agencies had long been concerned that Kaspersky’s software was a backdoor for Russian intelligence but couldn’t prove their suspicions. In fact, even when Edward Snowden leaked NSA documents in 2008, there was a draft in there stating that Kaspersky’s software – used by some 400 million people worldwide – collected sensitive information from customers’ machines. Acting swiftly, the United States removed Kaspersky Lab from a list of approved federal vendors, while its Homeland Security banned the Russian security software maker outright. Kaspersky Lab, for its part, has denied any knowledge of or involvement with the document theft and has even filed a lawsuit against the Trump administration over a ban on its antivirus products.
Now we obviously can’t prove whether the United States is right with its allegations. What we can tell you is that after the United States, the UK too has banned its government departments from using Kaspersky software. Thing is, the United States’ fears are legit. Most customers, by default, tend to agree to allow security vendors to send anything from their machine back to vendors’ servers for further investigation. While this is great for instances when the vendor can evaluate a particular threat, it also leaves the end user vulnerable because – to simplify a rather complex procedure – a decent hacker could trick Kaspersky’s antivirus into marking and then quarantining sensitive information from your computer. So much so, that the antivirus software you spent so much money on would become the hacker’s own Google search for your information. It would be invisible. Proper advantage for a hacker.
So what can you do to stop something like this? Besides no longer using compromised antivirus software, nothing. And how can you be certain a particular antivirus software isn’t compromised? You can’t. Happy New Year.