Serious Questions Raised Over Kaspersky Software & Links With Russian Intelligence
Russian cybersecurity company Kaspersky Lab has been accused of working with Russian security and the KGB, with serious questions now being raised about their software that is sitting on over 400 million PC’s around the world including millions in Australia.
Kaspersky Lab CEO Eugene Kaspersky who was a keynote speaker at the recent CeBIT show in Sydney has denied the allegations that were raised by the US Government after it was revealed that Kaspersky software has been quietly embed into firewalls to sensitive telecommunications equipment—none of which carry the Kaspersky name.
In early May six U.S. intelligence and law enforcement agency chiefs were asked in an open Senate hearing whether they’d let their networks use Kaspersky software, often found on Harvey Norman and JB Hi Fi shelves.
The question from former Presidential Candidate Republican Marco Rubio, came out of nowhere, often a sign a senator is trying to indirectly draw attention to something learned in classified briefings.
Eugene Kaspersky Claims about Kaspersky Lab’s ties to the Kremlin are “unfounded conspiracy theories” and “total BS,” the company’s boisterous, barrel-chested chief executive officer responded.
While the U.S. government hasn’t disclosed any evidence of the ties, internal company emails obtained by Bloomberg Businessweek show that Kaspersky Lab has maintained a much closer working relationship with Russia’s main intelligence agency, the FSB, than it has publicly admitted. It has developed security technology at the spy agency’s behest and worked on joint projects the CEO knew would be embarrassing if made public.
“When statements are taken out of context, anything can be manipulated to serve an agenda,” the company said in a statement. “Kaspersky Lab has always acknowledged that it provides appropriate products and services to governments around the world to protect those organizations from cyberthreats, but it does not have any unethical ties or affiliations with any government, including Russia.”
Adding to the U.S. government’s jitters, Kaspersky recently has developed products designed to help run critical infrastructure such as power grids which is being offered to Companies operating in Australia. Last year, Eugene Kaspersky announced the launch of the company’s secure operating system, Kaspersky’s, designed to run systems that control electrical grids, factories, pipelines, and other critical infrastructure. The U.S. Défense Intelligence Agency reportedly circulated a warning that the product could let Russian government hackers disable those systems, a claim Kaspersky denied.
The previously unreported emails, from October 2009, are from a thread between Eugene Kaspersky and senior staff. In Russian, Kaspersky outlines a project undertaken in secret a year earlier “per a big request on the Lubyanka side,” a reference to the FSB offices. Kaspersky Lab confirmed the emails are authentic.
Bloomberg claims that the software that the CEO was referring to had the stated purpose of protecting clients, including the Russian government, from distributed denial-of-service (DDoS) attacks, but its scope went further. Kaspersky Lab would also cooperate with internet hosting companies to locate bad actors and block their attacks, while assisting with “active countermeasures,” a capability so sensitive that Kaspersky advised his staff to keep it secret.
“The project includes both technology to protect against attacks (filters) as well as interaction with the hosters (‘spreading’ of sacrifice) and active countermeasures (about which, we keep quiet) and so on,” Kaspersky wrote in one of the emails.
At this stage, The U.S. government hasn’t identified any evidence connecting Kaspersky Lab to Russia’s spy agencies, even as it continues to turn up the heat.
In June, FBI agents visited several the company’s U.S. employees at their homes, asking to whom they reported and how much guidance they received from Kaspersky’s Moscow headquarters.
And a bill was introduced in Congress that would ban the U.S. military from using any Kaspersky products, with one senator calling ties between the company and the Kremlin “very alarming.” Russia’s communications minister promptly threatened sanctions if the measure passed.