Is Kaspersky Software a Tool of the Russian Government

MUO

Is Kaspersky Software a Tool of the Russian Government

The Department of Homeland Security (DHS) has banned the use of Kaspersky security software on federal computers. Understandably, people are worried - but is Kaspersky really in bed with the Russian government? Image Credit: Anton_Sokolov/Depositphotos A rather interesting development has cropped up in the security world. The Department of Homeland Security (DHS) has banned the use of Kaspersky security software on federal computers. This -- understandably -- has some people worried. Is it still safe to use Kaspersky software on your home or work computer? We've collected the facts, tried to make sense of the claims, and put together what we've found. Here's what we know so far.

What the DHS Says

According to the , the Department has direct Federal Executive Branch agencies to identify the use of Kaspersky software on their devices and remove it within 90 days. Why? The Department is concerned about the ties between certain Kaspersky officials and Russian intelligence and other government agencies, and requirements under Russian law that allow Russian intelligence agencies to request or compel assistance from Kaspersky and to intercept communications transiting Russian networks. The statement also says DHS is worried that the Russian government could capitalize on Kaspersky products being on US federal computers, with or without the cooperation of Kaspersky. The statement is sparse on information backing up these claims. New Hampshire senator Jeanne Shaheen has led the charge in Congress to ban Kaspersky products from federal computers. In an , she stated that there have been public concerns voiced. Some of these concerns "suggest there has been direct collaboration with certain officials from Kaspersky and from the FSB." We haven't seen any evidence that this is case. Shaheen also stated that there's relevant classified information that could support this idea. Because it's classified, though, we have no idea if it's true. Or if it even exists. (Shaheen is known for supporting the war in Iraq, which was predicated on faulty intelligence. We all know how that turned out. A number commentators have noted the similarity of these two cases.)

What Kaspersky Says

The cybersecurity firm, as you might imagine, is not happy about this development. Kaspersky has been in the business for 20 years, and has a stellar record for protection. They're consistently ranked very highly in lists of the best security software. Kaspersky's response is summed up nicely in this statement: No credible evidence has been presented publicly by anyone or any organization as the accusations are based on false allegations and inaccurate assumptions, including claims about the impact of Russian regulations and policies on the company. The company works with governments around the world to provide . And most of their business is done outside of Russia. They even point out that the laws discussed in the DHS statement don't apply to them: they only apply to telecoms providers and ISPs. "Kaspersky Lab has never helped, nor will help, any government in the world with its cyberespionage or offensive cyber efforts, and it's disconcerting that a private company can be considered guilty until proven innocent, due to geopolitical issues." It doesn't get much clearer than that. But are they telling the truth?

What We Know So Far

As Kaspersky points out, no credible evidence has been publicly presented. Some classified information has been hinted at, but there's no way that we can judge the veracity of that information. If it even exists. And with US-Russian relations currently in a rather fraught place, the idea of "geopolitical issues" influencing this decision does seem credible. In a , an anonymous senior intelligence official is quoted as saying that intelligence agencies have been looking for evidence of governmental interference or vulnerabilities in Kaspersky software "for years." But they didn't find anything. Did US intelligence find new information? It's possible. But there's no way to know. Of course, nothing in the political world is as clear-cut as it seems at first. Back in 2012, of Kaspersky and his company. They noted a number of ways in which Kaspersky's views align with the Russian government's, and how he seems to have a relationship with some members of the FSB. They also note that many of these relations are similar to those between big US companies and Washington. And that Kaspersky has a dedicated crew seeking to stamp out cyberespionage. This is the team that , a US-Israeli cyberweapon deployed in Iran. The article paints a conflicting picture. Especially when you take into account its terribly misleading title, "Russia's Top Cyber Sleuth Foils US Spies, Helps Kremlin Pals."

Competent and Complicated

But in the end, it's a picture of a competent businessman. He understands the political climate and turns it to his advantage when he can. He may agree with the Russian party line on internet privacy, but so do many other people around the world. He's a complicated man in a complicated business. That certainly doesn't make him a tool of the FSB. Yes, Kaspersky Labs has made software for the Russian government. But they've also made software for other governments around the world. They're probably closer to the FSB than they are to other governmental organizations. But that's to be expected, as they're based in Russia, and the FSB handles much of the country's cyber concerns. Again, complicated.

Should You Be Concerned

No. There's almost certainly no cause for concern. It seems quite unlikely that Kaspersky Labs, a highly successful international company, is entangled in Russian espionage. And even if they were, they'd be targeting government and military computers, not civilian ones. If you believe in , you might be worried that Russia is using Kaspersky software to infiltrate computers around the world for some nefarious purpose. And while stranger things have happened, it seems awfully unlikely. (Though it would make for a great Tom Clancy novel.) In addition to Kaspersky's stellar reputation, they also make a lot of money: $644 million at the time of that Foreign Policy article -- enough for them to release a . They have little motivation to risk their reputation to help the Russian government. In the cybersecurity world, your reputation is paramount. Does that mean they're completely innocent? No. As I mentioned, it's a complicated business. And a cybersecurity firm cooperating with an intelligence service isn't a far-fetched idea. But based on the evidence that's publicly available -- which is scant -- it looks like Kaspersky is telling the truth.

Go with What Makes You Feel Safe

In the end, it's important that your security software makes you feel safe. If you no longer trust Kaspersky, switch to something else. It's as simple as that. I'd encourage you not to jump to conclusions, though, and look at the company's . Of course, we'll be keeping an eye on this development. Whether it ends up being political maneuvering or a genuine threat, we'll be sure to let you know. Do you still trust Kaspersky software? Or will you be switching to something else? Share your thoughts in the comments below! Image Credit: Anton_Sokolov/