The global cyber security company, Kaspersky, has landed itself in the headlines once more as the General Service Administration of the US has removed Kaspersky and its products from a list of approved vendors. The General Service Administration is responsible for federal government purchasing contracts. This will undoubtedly make it more difficult to buy Kaspersky products within the borders of the US. The GSA stated that “GSA's priorities are to ensure the integrity and security of US government systems and networks and evaluate products and services available on our contracts using supply chain risk management processes,” in response to the removal from the aforementioned list.
Kaspersky’s removal from the GSA’s list of approved vendors due to what US law officials see as close ties to the Russian Intelligence Agency, the FSB. US Officials see this relationship as more than cordial and believe the alleged relationship between the FSB and Kaspersky could place American networks in danger, and the potential to increase Russia’s cyber espionage ability. In a congressional hearing in May, it expressed concern over the links between the Russian tech giant and the Russian Government. However, the hearing stopped short of providing any concrete evidence proving such links.
Kaspersky made further headlines this year when it went on record to state that Microsoft was adopting unfair business practices in what Kaspersky views as Microsoft’s attempt to monopolize the cyber security industry. Given the public spat, one can assume Microsoft and other American companies will not shed a tear at the news.
Prior to Kaspersky issuing a press release, Bloomberg News reported on the matter. In the Bloomberg article, the business news agency reported having emails that date back to 2009 which allegedly prove the relationship between Kaspersky and the FSB is much closer than the tech company lets on. Bloomberg further reports that Kaspersky developed software at the behest of the FSB. The software was intended to be an anti-DDoS tool, which Kaspersky hoped to turn into a marketable product, according to Bloomberg. Kaspersky has admitted the emails are authentic but further stated that they had been taken out of context. It is important to remember that firms like Kaspersky often keep close ties with intelligence agencies not only within its home country of Russia but other international agencies. Given that Europe and the US make up $374 million of the company’s $633 million in sales in 2016, according to researchers at International Data Corp, it is unlikely the company would court relationships to jeopardize their bottom line.
In a press release issued two days ago by Kaspersky a spokesperson went on to say:
Regardless of how the facts are misconstrued to fit in with a hypothetical, false theory, Kaspersky Lab and its executives do not have inappropriate ties with any government. The company does regularly work with governments and law enforcement agencies around the world with the sole purpose of fighting cybercrime.
In the internal communications referenced within the recent article, the facts are once again either being misinterpreted or manipulated to fit the agenda of certain individuals desperately wanting there to be inappropriate ties between the company, its CEO and the Russian government, but no matter what communication they claim to have, the facts clearly remain there is no evidence because no such inappropriate ties exist.
The press release goes on to address each of the concerns raised in the Bloomberg article as well as listing other instances where Kaspersky worked with international intelligence agencies to help in preventing attacks or providing crucial intelligence on the attacks. As has become tradition Eugene Kaspersky, CEO of Kaspersky Labs, published on his blog his thoughts on the matter. In his blog post he goes on to state:
For some reason, the assumption continues to resonate that since we’re Russian, we must also be tied to the Russian government. But really, as a global company, does anyone seriously think we could survive this long if we were a pawn of ANY government? Our whole business is based on one thing – besides expertise – and that’s trust. Would we really risk our whole business by undermining our trustworthiness?
Obviously, as a private company, Kaspersky Lab and I have no ties to any government, and we have never helped, nor will help, any government in the world with their cyber-espionage efforts (cyber-espionage is what we’re fighting!). While I find these ongoing accusations and false allegations extremely frustrating, I’ve noticed that all the attacks possess a few things in common, including:
A complete lack of evidence;
Conspiracy theories and pure speculation;
Assumptions reported as irrefutable facts;
Manipulation of widely-known facts;
Many in Russia see these latest allegations leveled at Kaspersky to be thinly veiled protectionism of American interests including that of American business.
Cold War 2.0
In response to the GSA’s actions and statements made by American politicians and law enforcement agencies, Russia has not ruled out retaliatory measures in response to Kaspersky’s banning. Russian officials have also gone on record to deny the allegations leveled at both its intelligence agency and Kaspersky. This has all the hallmarks of turning into another spat between the two nations which will inevitably result in relations remaining less than cordial. With President Trump not been very clear where he stands in terms of foreign policy with regards to Russia, the situation between the two countries is becoming increasingly schizophrenic. To say Russia does not use cyber espionage tactics would be naïve, however, if American politicians and law enforcement agencies cannot provide any evidence assumptions as to American protectionism cannot be disregarded.