Dr.Web has suspended the certificate required for operation

Antivirus developer Dr.Web has had its license suspended by the Federal Service for Technical and Export Control (FSTEC) for one of its key products for “non-compliance with information security requirements.” After the departure of foreign vendors, only Dr.Web and Kaspersky Lab remained on the market, experts say. At the same time, organizations of critical information infrastructure must, according to regulatory requirements, use at least two anti-virus protection tools. As a result, market participants say, revocation of the Dr.Web certificate threatens difficulties for customers.

“Kommersant” discovered in the FSTEC registry that the developer of antivirus and other cybersecurity software Dr.Web (Doctor Web LLC) has had its certificate suspended since mid-September for one of its main products – Enterprise Security Suite (a solution for protecting all corporate network objects , as well as control of mail and Internet traffic). The certificate confirms that the product can be used in systems for storing personal data and other critical information in the public sector and private organizations.

Dr.Web told Kommersant that, according to the FSTEC notification, the decision was made on the basis of “establishing the fact that a certified security tool does not comply with information security requirements.” FSTEC did not provide the developer with an explanation of what exactly this discrepancy is, the company says, so “it cannot be eliminated.” FSTEC did not answer Kommersant.

According to Russian legislation, for some companies (for example, financial organizations) it is mandatory to use two, and sometimes more, anti-virus protection tools, notes senior manager for certification and licensing of MTS RED Oksana Ryazanova: “But in fact in Russia there are only two of them – “Laboratory Kaspersky” and Dr.Web”. At the same time, the suspension of the certificate of a developer of cybersecurity tools is rather an exception, she continues: “Currently, only three products from the FSTEC register have suspended certificates, but two of them are foreign.”

If within the 90 days that FSTEC gives to eliminate violations, the problems are not resolved, the certificate may be revoked, says Kommersant’s interlocutor in the cybersecurity market: “As a result, for example, banks that have already purchased an antivirus as a second one to fulfill the Central Bank’s requirement , will not be able to use it. This will become a problem for the public sector as well.”

In general, the Russian market for consumer cybersecurity products over the year decreased by 60% in terms of license sales and by about the same in money (see Kommersant on July 11). At the same time, government purchases of antiviruses in Russia at the end of 2022 reached 2.3 billion rubles, which is 2.5 times more than in 2019, Kontur.Torgov analysts reported. The demand from companies and departments can be explained by the continued growth of cyber attacks. Their number at the end of the second quarter of 2023 increased by approximately 40% year-on-year (see Kommersant on July 8).

“The situation with Dr.Web has raised a difficult question – due to the departure of foreign vendors from Russia, the number of certified security products has decreased, sometimes to one position in a particular class,” emphasizes Kommersant’s interlocutor in the IT market. At the same time, many regulatory requirements developed before 2022 are based on the position that it is necessary to use two or more means of protection from different vendors, he notes: “This means that it may be worth reviewing all existing requirements to assess how much they take into account the situation on the Russian cybersecurity market.”

Tatiana Isakova