Anti-virus and cybersecurity vendor Kaspersky has hit back at the US government ban on its products. Earlier this week, the Department of Homeland Security told US Government departments to uninstall and stop using software from the Russian company. In an interview with the BBC, Eugene Kaspersky, founder of the company, has denied all the claims against it.
In July, Bloomberg said it had seen emails between the company and Russian Intelligence Agency, FSB. Those emails covered work being undertaken by Kaspersky (the company) on behalf of the FSB. They are also believed to say that any details that identified hackers would be passed to the FSB. Presumably this latter step would then allow the hackers to be captured and prosecuted.
On the face of it the allegations against the company seem innocuous. Most cybersecurity companies have relationships with law enforcement and the intelligence community. They regularly cooperate in international actions to track and shutdown hacking and other illegal sites. This year alone, several companies, including Microsoft, have claimed to have been involved in helping shut down sites sending out spam, malware and ransomware.
Kaspersky says this is all based on fake news
Eugene Kaspersky sees this situation as his company being the victim of the current political battle between the US and Russia. In his interview with the BBC he went on to claim that this is all based on fake news, the same battle cry used by US President Trump. The problem today is separating out the fake news from the facts. Governments and companies now claim everything is fake news when they don’t like it.
The BBC interviewer, Rory Cellan-Jones challenged Kaspersky about the core of the allegations against his company. He said: “One allegation over the summer was that if the Russian Government forced you to insert a malicious upgrade to your software then you’d have no choice but to do that.”
Kaspersky countered saying that: “It was not true first of all and what happens if the British Government sends the same order to the British software company?” He continued: “Or Americans ask their American companies to release their own update? It’s science fiction.”
Tech companies involved in government spying is nothing new
There is some uncomfortable truth here from Kaspersky for the tech industry especially in the US. When Edward Snowden made allegations of collusion between US tech companies and the NSA surfaced in 2014, there was chaos. Companies started with a blanket denial but eventually had to backtrack after the NSA general council said companies were complicit in data gathering. In effect, this is exactly what Kaspersky is being accused of.
At the time there were reports that this could seriously damage US companies. Several countries in Europe and South America carried out urgent checks on and even partial usage bans against some US products. Some commentators put the impact of that action as costing US companies over $35 billion.
What is the cost impact?
The cost of this action against Kaspersky is unlikely to be anything of the sort but it could be seriously damaging for it. While US Government revenues are small, it is a major player in the end user device security market. The question for it is whether it could survive a major hit to its revenues by losing all those customers.
There is also a challenge for US government departments and any contractors both individuals and companies. They all rely heavily on end users providing their own technology from phones to laptops and tablets. All those users will have to be persuaded to uninstall Kaspersky and install something else. It will be interesting to see how long it will take for the company’s competitors to offer cheap or even free replacement software.
What does this mean
The ban against Kaspersky could have some interesting and unwanted repercussions. It has become one of the more active research companies in this space especially in the field of Advanced Persistent Threats (APTs). Its researchers have uncovered a number of attacks that have been years in the making including The Mask, NetTraveller and Turla. They have also exposed several government sponsored attacks, some of which it is alleged originated with US allies.
The US Government says that its primary concern is the Russian government forcing Kaspersky to insert code that would compromise US national security. Russia, no doubt, will point to Glenn Greenwald’s revelations of a secret NSA programme around Cisco routers. They were intercepted and had additional hardware inserted turning them into Trojan horses. The routers were then shipped to governments and companies that the US was targeting.
It will be interesting to see if this sparks another phase of Russian retaliation. The Russian government has already called this a dangerous move. It also warns of the impact of Russian companies around the world. Will we now see the FSB release details of more US covert surveillance similar to the Cisco programme mentioned above? I wouldn’t bet against it.
Cybersecurity is entering a new and dangerous space.