Big Web Security Firms Ditch Russia, Leaving Internet Users Open To More Kremlin Snooping

Ordinary Russians face another major blow to their everyday lives due to the backlash to President Vladimir Putin’s invasion of Ukraine. On the same day, two major web-security companies have decided to quit selling to them, making Russians’ internet use more vulnerable to Kremlin snooping, hacking and other cybercrimes.

The departure of the two companies, Avast, a $6 billion antivirus provider based in the Czech Republic, and Utah-based website-certification firm DigiCert, will further isolate the country of 145 million people.

“We are horrified at Russia’s aggression against Ukraine, where the lives and livelihoods of innocent people are at severe risk, and where all freedoms have come under attack,” Avast CEO Ondrej Vlcek wrote on Thursday.

Vlcek said the company was including Belarus in the withdrawal of services, and was continuing to pay the full salaries of employees in Russia and Ukraine, many of whom it was helping to relocate.

“We do not take this decision lightly,” Vlcek wrote. “We’ve offered our products in Russia for nearly 20 years and users in this country are an important part of our global community.”

While Avast joins other antivirus companies, including NortonLifeLock and ESET, in halting sales, Russians will still be able to get antivirus protection from Moscow-based Kaspersky and other providers within the country. The departure of DigiCert could prove more significant.

DigiCert is one of the world’s biggest providers of website certificates, which aim to prove that when a person visits a site it’s owned by the entity they expected. If a website loses that certificate, it’s possible for hackers or a government to intercept a person’s attempt to reach a given site and replace it with their own webpage. That could then be used to launch…