The Daily Mail whisks up Kaspersky fears – but where’s the meat?

Graham Cluley

The Daily Mail aims for Kaspersky and... umm... misses

British newspaper The Daily Mail has published an article on its website, designed to petrify millions of customers of Barclays Bank.

Daily mail

The headline breathlessly reads:

“Has Barclays given millions of customers ‘anti-virus software’ that’s actually SPYING on them for the Russian government?”

Make a note. Whenever you see the Daily Mail publish a headline which asks a question, the correct answer is invariably “no”. If they had any reason to believe it was “yes”, then they wouldn’t have posed it as a question.

The truth is that newspapers post these “Is the Loch Ness Monster on Tinder?”-style headlines because they know they’ll get more clicks than if they use a headline which reflects the actual conclusion of the article.

As we’ll see when we dig into this article, the story just doesn’t stand up.

Security chiefs are concerned that free anti-virus software handed out by Barclays is spying on customers for the Russian government.

GCHQ officials have been concerned about the Kaspersky Lab, which is led by a former Soviet military intelligence expert and supplied the bank with the software, amid fears it may have been influenced by Vladimir Putin’s Federal Security Service.

There are now fears that any Barclays customers who are in high-security jobs are at risk of having their personal files hacked.

From the above preamble to the article you imagine that you’ll find some juicy background on how worried GCHQ is about Kaspersky, or some anonymous sources within Barclays confiding their concerns to the Daily Mail.

But instead you get this…

However, both Barclays and GCHQ have confirmed that neither organisation has been in contact with the other about any potential breaches.

A spokesman for the relevant arm of GCHQ, the NCSC, told the Financial Times: “The NCSC has never advised Barclays against the use of Kaspersky products. Any suggestion to the contrary is categorically untrue. The NCSC is not a regulator and does not mandate or ban any products. Our certification schemes do not currently cover anti-virus or anti-malware services.”

A Barclays spokesman corroborated this, adding: “We have never received any advice or guidance from GCHQ or the National Cyber Security Centre in relation to Kaspersky.”

And that’s it, aside from a standard statement from Kaspersky denying any wrongdoing.

The Daily Mail‘s frankly pointless article, and utterly misleading headline, come amid real problems for Kaspersky in the United States – where it is finding itself controversially attacked by competitors and struggling to keep contracts after private briefings from the FBI.

You can hear more about the pickle Kaspersky has found itself in, in this edition of the Smashing Security podcast.

Smashing Security #047: 'Kaspersky, AI, and a well-handled data breach'

Listen on Apple Podcasts | Google Podcasts | Other... | RSS
More episodes...

Of course, if you do read the Daily Mail article you will enjoy this wonderful typo.

Internet baking

This isn’t, of course, the first time that The Daily Mail has proven itself to be bonkers in a computer security-related story.

Now, if you’ll excuse me I’ll go back to reading about barefaced beauty Pippa Middleton going makeup-free as she enjoys a day out with a friend and Angelina Jolie oozing glamour in a black blazer and cocktail dress in Los Angeles.

It feels to me that the kind of content the Daily Mail website does best.

Graham Cluley Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.

3 Replies to “The Daily Mail whisks up Kaspersky fears – but where’s the meat?”

  1. Can't help thinking that it would be a little stupid for Russian intelligence to use a Russian cyber security firm to spy on others. More likely use a foreign cyber security to do the spying. Also from a competition angle I suspect some cyber security companies are taking advantage of this situation.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Never miss a thing. Sign up for the free GCHQ newsletter from Graham Cluley.
GET UPDATES