Security vendors: We would block police hacking

Kaspersky and Sophos say that for security reasons they would block any software used in police attempts to break into customers' systems without a warrant
Written by Tom Espiner, Contributor

Two security vendors have said they would block police attempts to hack into systems without a warrant.

The Home Office on Friday said it was working with the European Parliament on plans to extend police powers to conduct remote searches of computers. UK police already have the power to hack into suspect systems without a warrant, due to an amendment to the Computer Misuse Act, which came into force in 1995.

However, security vendors Kaspersky Labs and Sophos told ZDNet UK that they would not make any concession in their protective software for the police hack.

Kaspersky Labs said on Tuesday it would block all attempts to access its customers' systems, regardless of the agency attempting the entry.

"Ultimately, we are politically neutral, but we consider it our duty to protect our customers," said David Em, Kaspersky's UK senior technology consultant.

Cambridge University security expert Richard Clayton told ZDNet UK on Monday that UK police were most likely to hack into computers by entering a premises and installing a keylogger on the target system. This would be more effective than a drive-by download or sending an email with a malware attachment, as the chances of successful interception of data were higher, said Clayton. As an alternative, police could hack into Wi-Fi networks to search systems, he said.

Em said that while police could provide details of the software it used so Kaspersky could avoid blocking it, the police software could also be used by cybercriminals. "While we wouldn't want to scupper police attempts to catch bad guys, police [hacking] software could end up in the wrong hands," Em said.

Kaspersky would not put a backdoor in its software to enable the police to bypass its protections, Em added. "If we provided a backdoor, it could be used by malware authors," Em said. "People would be able to drive a coach and horses through our security."

Sophos would also block any attempts to compromise its customers' systems, said Graham Cluley, the security vendor's senior technology consultant.

"We block spyware, regardless of where it comes from," Cluley said. He added that police putting malware on a suspect system could backfire, if the person targeted was a criminal. "Who's to say that criminal wouldn't take that malware and use it against someone else?" he said.

Symantec declined to comment on whether it would block a police hack, saying the matter was "politically sensitive". The security vendor has said in the past that it would not scan for the FBI's Magic Lantern keystroke-logging software.

Editorial standards