U.S. Government vs cyber security company: who can you trust?

Cybersecurity Kaspersky respond to allegations that their software was hacked by the Russian government

“Some people think that ‘Russian cybersecurity company’ are three words that shouldn’t be in the same sentence”

Cybersecurity company Kaspersky Lab have been in the news due to allegations that Russian hackers and the Russian government used KL products to spy on American users and access their private data.

As well-established tech site Cnet reported: “It’s unclear exactly how Kaspersky Lab’s software has been compromised, if it was at all. Because all the reports are based on the word of anonymous sources, there aren’t many technical details available.”

On Thursday, Eugene Kaspersky responded to the allegations in a personal blog and video on Youtube. Kaspersky Lab also posted a revealing blog at the URL Kaspersky in the sh**storm which examines the story in context.

In the news
By Monday 23rd October, outlets from the Guardian to Sky News were reporting that company founder Eugene Kaspersky had announced a “global transparency initiative” that would include an independent source code review.

In his own personal response, company founder Eugene Kaspersky described the allegations as being “without evidence” and criticised the “steady stream of media leaks” which “seem designed to damage our reputation without providing us with any real opportunity to address any concerns”.

“We need to reestablish trust in relationships between companies, governments and citizens. That’s why we’re launching this Global Transparency Initiative: we want to show how we’re completely open and transparent. We’ve nothing to hide. And I believe that with these actions we’ll be able to overcome mistrust and support our commitment to protecting people in any country on our planet.”

Next steps
Kaspersky Lab’s comprehensive transparency initiative includes an independent source code review (starting Q1 2018) to be undertaken with an internationally recognized authority; the creation of three transparency centers worldwide and increased bug bounty rewards (up to $100K per discovered vulnerability in main Kaspersky Lab products).

He added that Kaspersky Lab has also ‘strengthened our partnership with INTERPOL to fight cyber crime even more effectively. Clearly we’re doing something right.”

Eugene Kaspersky’s full blog post can be found here: https://eugene.kaspersky.com/2017/10/19/proud-to-keep-on-protecting-no-matter-of-false-allegations-in-u-s-media/