Security vendors Sophos and Kaspersky Lab this week said they would block UK police
attempts to hack into people's computer systems without a warrant.
The UK Home Office last week said it was working with the European
Parliament on plans to extend police powers to conduct remote
searches of computers. UK police already have the power to hack
into suspect systems without a warrant, due to an amendment to the
Computer Misuse Act, which came into force in 1995.
Ultimately, we are politically neutral, but we consider it our
duty to protect our customers
Kaspersky's David Em
However, security vendors Kaspersky Labs and Sophos told ZDNet.com.au sister site ZDNet UK that they would not make any concession in their protective software for the police hack.
Kaspersky Labs said it would block all attempts to
access its customers' systems, regardless of the agency attempting
the entry. "Ultimately, we are politically neutral, but we consider it our
duty to protect our customers," said David Em, Kaspersky's UK
senior technology consultant.
Cambridge University security expert Richard Clayton said that UK police were most likely to hack into computers
by entering a premises and installing a keylogger on the target
system. This would be more effective than a drive-by download or
sending an email with a malware attachment, as the chances of
successful interception of data were higher, said Clayton. As an
alternative, police could hack into Wi-Fi networks to search
systems, he said.
Em said that while police could provide details of the software
it used so Kaspersky could avoid blocking it, the police software
could also be used by cyber-criminals. "While we wouldn't want to
scupper police attempts to catch bad guys, police [hacking]
software could end up in the wrong hands," Em said.
Kaspersky
would not put a backdoor in its software to enable the police to
bypass its protections, Em added. "If we provided a backdoor, it
could be used by malware authors," Em said. "People would be able
to drive a coach and horses through our security."
Sophos would also block any attempts to compromise its
customers' systems, said Graham Cluley, the security vendor's
senior technology consultant.
"We block spyware, regardless of where it comes from," Cluley
said. He added that police putting malware on a suspect system
could backfire, if the person targeted was a criminal. "Who's to
say that criminal wouldn't take that malware and use it against
someone else?" he said.
Symantec declined to comment on whether it would block a police
hack, saying the matter was "politically sensitive". The security
vendor has said in the past that it would not scan for the FBI's
Magic Lantern keystroke-logging software.