The Russian IT company Abbyy has denied allegations that its software poses risks to Lithuania’s national security or gives Russian intelligence access to data.
“All of our on-premise solutions do not share any personal or commercial data that are digitized and analyzed by customers. Customers have full control of such data while using our on-premise solutions. ABBYY cloud solutions utilize a shared responsibility model and we ensure a high-level of security for our solutions to protect customers’ data,” the company’s press service said in comments sent to the media.
Read more: Lithuania's institutions use ‘unsafe’ Russian software despite warnings – cyber security centre
It noted that Abbyy’s cloud solutions “use trusted service providers, strict access control, and strong encryption”.
“Furthermore, ABBYY is compliant with applicable regulations regarding commercial and personal data use, such as GDPR. The security of ABBYY cloud solutions is regularly tested by independent security experts and approved by SOC2 and/or HITRUST certifications,” the company claimed.
Lithuanian MP Mykolas Majauskas, chairman of the parliamentary Committee on Budget and Finance, said last week that the country’s main public financial institutions continued to use Abbyy’s software despite being warned about its risks.
According to Majauskas, the country's National Cyber Security Centre (NKSC) had notified that Russia's intelligence and security services (RISS) “are legally authorised and technically capable to gain access to the data of Russian and foreign entities that use Russian software”.
“This includes the software developed by ABBYY developers headquartered in Moscow. Therefore confidentiality, integrity and access to the services provided by this particular organization can be affected by third parties,” Majauskas told BNS last week.
Meanwhile, Abbyy said in its comments that eFormFiller, the software used in Lithuania, was a custom solution developed for the Lithuanian tax authorities and “was never used in Ukraine”.
Following an investigation into the use of Russian 1C and Abbyy software by Lithuanian institutions, LRT reported several years ago that an incident with accounting software designated for electronic document exchange between enterprises, which was used in Ukraine and hit by a virus dubbed ‘NotPetya’ in June 2017, proved that software was unsafe.
Abbyy, in its turn, pointed out that its solutions “are not an analogue of accounting programs. We develop Intelligent Document Processing (IDP) solutions to improve business outcomes. eFormFiller was a custom solution developed for the Lithuanian tax authorities in 2003 and was retired.”
Newsletter
Every Friday morning.
