NTT Group Russian company's policy to cancel software transactions

The impact of Russia's invasion of Ukraine has also spread to the use of software products by Russian companies.

The NTT Group has decided to stop trading the products of Kaspersky, a major Russian information security company, saying that there are "security and supply chain risks".

Kaspersky is an information security company that originated in Russia, has offices in more than 30 countries around the world, and has more than 400 million users worldwide in fields such as computer virus countermeasure software.

The company was added to the US FCC's Federal Communications Commission's list on the 25th of last month, banning companies from using government subsidies to buy products and services, saying it poses a security threat. Was announced.

In response to this situation, the NTT Group has used Kaspersky Lab's security-related software as a corporation, but each group company has decided to stop trading in the future.

The software currently in use will be replaced with alternative products in sequence.

We also sell Kaspersky Lab security software on behalf of NTT Group's IT services, and we are considering reviewing this as well.

Regarding the reason for quitting the transaction, NTT Anode Energy has not confirmed that there was a technical problem in terms of safety of the product, but stated that it was "due to security and supply chain risks."

On top of that, the NTT Group states, "There is no introduction within the backbone network, and we will proceed with replacement so that it does not affect users."

In response to regulations such as the US government, Kaspersky has so far argued in a statement that it is not based on technical evaluation, such as "clearly stating that it has nothing to do with any government, including Russia."

Kaspersky Lab Japan "Continuing efforts to increase transparency"

In response to NHK's interview, Kaspersky Lab's Japanese subsidiary "cannot comment on individual cases such as customers and partners."

On top of that, about the company, "It is an international private company with a holding company in the United Kingdom, and about 80% of its business is outside Russia. From five years ago, we have been working to increase the transparency of business operations and products and services. I am. "

Specifically, he said that he is working to ensure transparency by establishing facilities in five locations around the world where customers can check the "source code" that is the blueprint of the product and the rules for detecting threats such as computer viruses. is.

"We will continue to address the concerns of our customers, partners and government agencies and increase transparency. We are always open about product and service dialogue with our customers and government agencies. I want that opportunity. "

Expert "Need to configure the system with products from multiple countries"

Professor Masakatsu Morii of Kobe University Graduate School, who is familiar with information security, said, "NTT Group is a company that plays a part in Japanese telecommunications companies, and if it is damaged, it will have a national impact. I don't think there is any way in terms of security or insurance. "

And, regarding the general risk when security software is abused, "Security software has a function to record how the computer or server is operating and send it to the security company, so by any chance such data is available. If leaked, it may lead to a cyber attack. In addition, it may be illegally modified or loaded with malware at the timing of product update. "

On the other hand, he said that there is no evidence that Kaspersky is cooperating with the Russian government, saying, "It is an international company with offices and services all over the world. If there is, it seems that there is a risk of passing data, but if the use is prohibited only by the possibility or if some people think that there is a problem with the product itself, Kaspersky can be said to be a victim. I said.

He also said, "In Japan, most of the security products are made overseas. Not all of them can be covered by domestic products, but if you rely on a specific country or product, it will affect the interests of the whole nation when something goes wrong. It could also be. It may be necessary to configure the system with products from multiple countries. "