Justice and Security Minister Yesilgöz has made the threat analysis of antivirus company Kaspersky public after a ruling by the Supreme Court in January. The documents are now publicly available on the website of the Dutch government.
These are documents within the file ‘ Threat analysis Kaspersky Lab ‘. Yesilgöz explains the context of the analysis in an accompanying letter: “The document ‘Kaspersky Lab Threat Analysis’ is an analysis based on open sources and is one of the pieces based on which the above precaution regarding the use of Kaspersky antivirus software in 2018 Lab has been taken. In addition to this analysis, information from the intelligence and security services was also used at the time.”
Threat analysis conclusions
No conclusive evidence of an active threat from Kaspersky was found during the investigation. However, the conclusion is that the company’s cooperation with the Russian Federal Security Service poses a risk to national security. Two scenarios are conceivable:
- The Russian government forces the antivirus company to work with her, while Kaspersky doesn’t really want to.
- Kaspersky has been or is being infiltrated and compromised by a government other than the Russian one.
Based on this conclusion, the Dutch government has started to discontinue Kaspersky’s services. They have done this in phases by not renewing existing contracts and not entering into new ones. The government continued to use Kaspersky Antivirus as long as the contract was still running.
Reason for Kaspersky research
The investigation into the virus repellent was conducted in 2018 in response to reports from the United States and the United Kingdom. The governments of these countries warned against the use of Russian software and Kaspersky in particular.
Kaspersky is said to be collaborating with the Russian government to gain access to IT systems via the antivirus software. This is seen as a very serious threat to national security, as it makes Dutch customers vulnerable to cyber espionage and sabotage from Russia.
Not first request
As early as 2018, a journalist from KRO-NCRV tried to request the documents by invoking the Government Information (Public Access) Act (Wob). The then minister partially rejected this request, to which KRO-NCRV objected. Kaspersky also agreed with this objection.
Also during the hearing in April 2019, the minister decided not to disclose the documents. In the meantime, Kaspersky had submitted his own Wob request, but it was also refused. Both KRO-NCRV and Kaspersky, therefore, went to court. She did not agree with this again in 2020.
After an appeal, the Supreme Court ruled in January of this year in favor of the broadcaster and the antivirus company. The minister had to make a new decision in both cases. Yesilgöz, therefore, decided to make the threat analysis public now.
Spyware supplier Wob request rejected
At the same time as making the Kaspersky Labs documents public, the Minister of Justice and Security decided not to respond to the Wob request about spyware supplier NSO Group.
In this Wob request, correspondence, reports, evaluations, contacts, and contracts with NSO Group were requested. This is the Israeli supplier of the Pegasus spyware. As the reason for the rejection, Yesilgöz states that it would only concern documents that have already been partially made public. She also states that a search was carried out within the NCTV (National Coordinator for Security and Counterterrorism) and no additional documentation was found there.
Catch up on more articles here
Follow us on Twitter here