Kaspersky business in the United States

Main article about the company: Kaspersky

2024

Americans began using Kaspersky Lab software bypassing the ban

In mid-September 2024, it became known that users in the United States continue to use Kaspersky Lab's security products, despite a ban by the authorities. Americans do not want to abandon the Russian antivirus for various reasons.

According to TechCrunch, some US residents do not intend to turn away from Kaspersky Lab's decisions for the reason that they are skeptical about the ban: the US authorities believe that the Russian company poses a threat to national security. Other consumers point out that money for antivirus has already been paid, and still others talk about the advantages of Kaspersky Lab products over competing security software.

The Americans began using Kaspersky Lab software to bypass the ban. How They Do It

It [Kaspersky Lab product] is well known as the best antivirus in the world and has a long history. There's no factual evidence that it's "spying" and I ON can't just blindly believe something that doesn't have any evidence, "says one user.

Various tactics are used to bypass the ban. In particular, some US residents purchase international license keys for Kaspersky Lab products on sites such as eBay, after which a server outside the United States is indicated to receive security updates. Other consumers use blocking evasion tools, including VPNs.

According to individual users, they are not worried about claims that Kaspersky Lab allegedly abused its access to American computers to collect confidential data. For example, one of TechCrunch's interlocutors said that he works only as a cashier, and therefore can hardly be of any interest to cyber spies.^[1]

Automatically remove antiviruses from computers in the United States

On September 23, 2024, it became known that Kaspersky Lab began automatically removing its antivirus products from users' computers in the United States. At the same time, instead of Russian solutions, the Pango Group UltraAV software is installed.

After the imposition of sanctions by the United States, Kaspersky Lab completely ceased operations in the American market. The base of about 1 million clients of the Russian company in this country was sold to Pango, which specializes in cybersecurity issues. Pango offers a range of products including VPN, antivirus software and identity protection tools against theft.

Kaspersky Lab

According to the Neowin resource, for many American users of Kaspersky Lab antivirus, migration to the Pango product came as a surprise. It is said that the Russian software was simply self-removed and was automatically replaced by UltraAV. Former Kaspersky Lab customers have questions about the effectiveness of UltraAV and the ability to reliably withstand cyber threats.

It is noted that Pango is a company from the United States, and therefore it is not subject to any geographical restrictions. However, the UltraAV software installer is digitally signed by the Indian company Max Secure Software India Pvt. Ltd. And the UltraVPN tool, part of UltraAV, is provided by a Pango-affiliated company in Panama. According to Pango, after the automatic transition to UltraAV, users will have the same billing schedule as in the case of Kaspersky Lab solutions. Annual and monthly payments will also not change.

No action is required. By mid-September [2024], you will have access to UltraAV and UltraVPN on your Windows desktop. If you are a paid Kaspersky client, after the transition is complete, UltraAV protection will be active on your device, and you will be able to use all additional premium features, the message says.[2]

Selling all its customers in the US

In mid-September 2024, it became known that cybersecurity company Pango acquired all customers of the antivirus company Kaspersky Lab in the United States after the US Department of Commerce banned the sale of Russian antivirus software in the country.

Without this deal, existing Kaspersky Lab customers in the United States would have stopped receiving antivirus software updates since early October. Under the agreement, Pango acquired about 1 million new users, according to Neil Feather, Pango's president and chief operating officer.

Kaspersky Lab sold all its clients in the United States

The plus for customers is that no action is required of them, "Feather said. - We set out everything they need to know in a series of emails, and if they have questions, they can always contact our customer support team, which is already ready to assist in this situation.

Pango is known to offer users a range of cybersecurity products, including VPNs, antivirus software and personal data protection tools. Kaspersky Lab clients will receive antivirus software from the company called Ultra AV. They were informed about the transition in early September 2024.

The financial terms of the deal were not disclosed, and Kaspersky Lab refrained from commenting. As soon as the transition takes place, all intellectual property of the Russian company will be completely removed from the computers of former Kaspersky Lab clients in the United States.

Shortly before this deal, Pango became a standalone company when Aura, a firm that produces online security tools for private use, spun off its division into a separate company: "Because Pango operated as a separate company within the holding, we just did a formal separation procedure."^[3]

US telecom operators banned from using Kaspersky Lab software

In early September 2024, the US Federal Communications Commission (FCC) imposed a ban on the use of Kaspersky Lab software in telecommunications equipment. The ban will take effect months after the White House banned sales of the software due to a threat to national security.

The U.S. Commerce Department released its final opinion on the matter on June 24. It says Kaspersky Lab software and antivirus pose "unjustified and unacceptable risks" to the state and US citizens. Thus, the company was prohibited from "directly or indirectly providing antivirus software and cybersecurity products or services in the United States or to persons from the United States."

US telecom operators banned from using Kaspersky Lab software

The ban on the sale of Kaspersky Lab software to new customers in the United States entered into force on July 20, and from September 29, the company will be prohibited from distributing software updates and malware signatures to American customers. The latest order means that all telecom operators using Kaspersky Lab software will have to remove it from their networks and select a new security provider.

In response to Washington's ban, Kaspersky announced that it would cease operations in the United States and lay off all employees. It is estimated that the staff of the company in the United States is less than 50 people. As a farewell gift to customers, the antivirus company said it will update software for free over the past six months. Kaspersky denies that the company's software poses a risk to US security. The company proposed an independent review, but the U.S. Commerce Department simply ignored that request, it said.^[3]

How much will Kaspersky Lab lose from new US sanctions

Kaspersky Lab's losses due to new sanctions from the United States will amount to tens of millions of dollars a year. This is stated in the materials published on June 21, 2024.

According to Igor Bederov, head of the investigation department at T.Hunter, a market expert at NTI SafeNet (Seifnet), in 2016, the contribution of the American market to the total sales of Kaspersky Lab reached 24.3%. However, then a sequential decline began. Ruslan Permyakov, Deputy Director of the Competence Center of NTI "Technologies of Trusted Interaction" based on TUSUR, says that in 2020 the share of sales of a Russian company in the United States dropped to 15%. At the same time, in 2016-2017, Kaspersky Lab's share in the US end-user device protection market decreased from 4.3% to 3.8%.

Eugene Kaspersky

The Vedomosti newspaper notes that as of mid-2024, the company's share in the American market could range from 5% to 7%, depending on the products sold. Permyakov points out that the contribution of the American region to the revenue of Kaspersky Lab has constantly decreased due to sanctions, and therefore "new restrictions are unlikely to greatly affect the company's business." On the other hand, according to Bederov's calculations, a ban on work in the United States will result in a loss of about $100 million per year for the company.

To compensate for the damage, Kaspersky Lab will have to more actively develop its business in other regions. Permyakov believes that these can be countries, the BRICS Middle East and North Africa. In addition, the company may try to strengthen its position in South America. In 2023, Laboratory launched a distribution network in Malaysia and Indonesia to work with solutions based on. operating system KasperskyOS According to Bederov, this indicates a gradual reorientation of the company to other sales markets.^[4]

Complete ban on the use of software in the United States

On June 20, 2024, the Presidential Administration USA Joe Biden announced a complete ban on the sale and use of software Kaspersky Lab in the country. According to the American authorities, the products of the Russian company pose a threat to national security.

Restrictions on the sale, resale, download of updates and licensing of Kaspersky Lab software come into force on September 29, 2024. Companies and organizations in the United States are given 100 days to find alternative solutions to protect their computer systems. The business of the Russian company in the United States will be blocked 30 days after the announcement of restrictions. In addition, as emphasized, sales of products that integrate Kaspersky Lab developments and are distributed under a different brand name are prohibited. The US Department of Commerce will also include two Russian and one British units of Kaspersky Lab on the sanctions list for "alleged cooperation with Russian military intelligence."

Russia has demonstrated that it has the capabilities and intentions to use Russian companies such as Kaspersky Lab to gather Americans' personal information and use it as a weapon. Therefore, we are forced to take restrictive measures, - quotes Reuters as the words of US Secretary of Commerce Gina Raimondo.

Kaspersky Lab notes that the decision of the American authorities is based "on the current geopolitical climate and theoretical concerns, and not on a comprehensive assessment of the company's products and services." At the same time, Kaspersky Lab intends to use the available "legal options" to continue its activities and maintain relations with partners and customers.^[5]

2022

Opening of transparency centers in the United States, Singapore and Japan

On August 26, 2022, Kaspersky Lab"" announced the opening of the Transparency Centers in,, and Singapore USA. Japan

In them, partners and customers of the company can get information about the software code of Kaspersky Lab solutions, product updates,, anti-virus bases threat recognition rules

Kaspersky Lab began creating a network of Transparency Centers in 2018, when the first such Center in Zurich was opened.

The Transparency Centers offer several types of visits, depending on the skills and goals of guests: from a general review of Kaspersky Lab's security and transparency practices to a comprehensive analysis of the source code of companies' solutions, which is carried out with the participation of its experts.

Since 2018, more than 30 visits have been made to Transparency Centers, corporate customers became the most frequent guests. They were mainly interested in the practices adopted by Kaspersky Lab regarding working with data. This experience led to the development of the Cyber Capacity Building Program. With its help, Kaspersky Lab experts are striving to help the community around the world learn practical tools and gain the knowledge necessary to assess the security of the infrastructure.

Kaspersky Lab provides source code exclusively for consulting purposes and follows the strictest access policies. This means that the request to analyze the source code may be rejected for security reasons. To ensure the integrity of the source code, Kaspersky Lab provides read-only access, which eliminates the possibility of making changes to it.

Visitors to the Transparency Centers can analyze secure software development documentation and the source code of key company products for home and enterprise users, as well as software update versions and threat detection rules. They can also collect source code to make sure it matches publicly available modules; check the Software Bill of Materials (SBOM); analyze the results of third-party security audits (such as SOC 2) and ISO 27001 certification remotely and directly at the Transparency Center.

Kaspersky Lab launched the Global Initiative for Information Openness in 2017. Recent steps within its framework are the transfer to Switzerland of infrastructure for the processing and storage of user data from Latin America and the Middle East; recertification of the company's data services carried out by TÜV AUSTRIA; launch of the online version of the Cyber ​ ​ Capacity Building Program.

WSJ: The United States does not impose sanctions against Kaspersky Lab because they will lead to an increase in cyber attacks on countries

On March 30, 2022, it became known USA Joe Biden that there were disagreements in the presidential administration over whether to impose sanctions on Kaspersky Lab due to the risk of growth. cyber attacks

The White House National Security Council insists that the Treasury Department prepare sanctions as part of a Western campaign to impose sanctions on Russia for starting a special operation in Ukraine. Unnamed officials familiar with the matter told The Wall Street Journal. While Treasury officials are working to prepare the package, sanctions experts at the ministry have raised concerns about the scale and scope of such a move. The company's software is used by hundreds of millions of customers around the world, making it difficult to enforce sanctions.

In addition, some officials in the United States and Europe fear that sanctions against Kaspersky Lab will increase the likelihood of provoking a cyber attack against the West by Moscow, even using the capabilities of the software itself. It is unclear whether the sanctions will be imposed, although one of the officials said that this idea was postponed as of the end of March 2022.

Kaspersky Lab has repeatedly denied that it cooperates with the Russian government or any other state to promote cyber espionage or other malicious cyber activity. The company said it hoped to discuss U.S. government concerns about its products and services, and noted that any proposed action would be only "a reaction to the geopolitical climate, not a comprehensive assessment of the trustworthiness of Kaspersky's products and services.

The National Security Council forwarded questions to the Treasury Department. The Treasury Department did not immediately respond to journalists' request for comment on the proposed sanctions. Sanctions of this nature usually block or freeze the assets of companies or individuals against which sanctions are directed, and prohibit US citizens from participating in transactions with these companies or persons.

On March 25, 2022, the U.S. Federal Communications Commission placed the company on a list of telecommunications equipment and service providers considered a national security threat. This move made Kaspersky Lab the first Russian company on this list, which previously included only Chinese companies.

Some officials argue that the imposition of sanctions against the company's CEO Yevgeny Kaspersky personally may be seen as a less aggressive step than the prosecution of the enterprise, given its size.

Many Western cybersecurity researchers see Kaspersky Lab as an important participant in global efforts to understand, identify and block hacker attackers. Some US officials have privately acknowledged that the alleged relationship between Kaspersky Lab and the Russian state would be similar to how US cyber companies cooperate with US intelligence agencies.

According to US officials, the Biden administration is preparing sanctions against Russian companies by the end of March 2022, which, in their opinion, supply goods and services to the military and intelligence services, including dual-use components used to distribute weapons.^[6]

Kaspersky Lab is on the list of threats to US national security

On March 25, 2022, the US Federal Communications Commission (FCC) added Kaspersky Lab to the list of companies whose products could pose a threat to the country's national security^[7]. The regulator's website says that this applies to all products, solutions and services of Kaspersky Lab JSC, as well as the predecessors and successors of this company, its subsidiaries and branches.

The updated list, which now has a total of 8 legal entities, along with Kaspersky, also included China Mobile International USA and China Telecom (Americas), a division of Chinese telecom companies. And in 2021, it included Huawei Technologies Company, ZTE Corporation, Hytera Communications Corporation, Hangzhou Hikvision Digital Technology and Dahua Technology - also Chinese companies. Kaspersky is the only one on the list who does not belong to them.

Kaspersky Lab expressed disappointment with the decision of the US Federal Communications Commission to include it in the list of suppliers of telecommunications equipment and services that pose a threat to national security.

This decision is not based on a technical assessment of the company's products, but was made for political reasons, the company said in a statement issued on March 26. - The expansion of the ban on organizations receiving subsidies for telecommunications systems from the US Federal Communications Commission is also unreasonable and related to the geopolitical situation, and not a comprehensive assessment of the security of Kaspersky Lab products and services[8] said[9].

The developer promised to continue to provide partners and customers with evidence of the quality and safety of their products.

The company is ready to cooperate with US government agencies and answer any questions from the federal communications commission or other regulators, Kaspersky said, adding that the company "has no political ties with any government in the world."

In September 2017, the US authorities ordered the country's state institutions to abandon Kaspersky products and services within three months. The Ministry of Security then said that they were concerned about the ties of some representatives of the company with Russian intelligence and other government agencies, as well as Russian legislation that would allow the special services to request and even force the company to provide information of interest to them.

In 2020, North America accounted for 15% of Kaspersky's revenue. For comparison, in 2016, this share was 24.3%^[10]. The company has not yet released its financial results for 2021 as of the end of March.

In the spring of 2021, the founder and CEO of the company, billionaire Yevgeny Kaspersky, said that he did not expect new sanctions from the US authorities: "They bombed us back in 2017^[11].

At the same time, Kaspersky admitted that in 2020 the company's sales in the United States and Asia did not grow at all and hoped that the company's business in the American market would grow in the future due to the development of a partner network and online sales.

However, after the start of Russia's special operation in Ukraine in 2022, questions about the security of Kaspersky products arose more acute not only among the American authorities, but also among foreign private users. Even before they were included by the Federal Communications Commission in the list of products that could pose a threat to national security, topics related to the expediency of further use of Kaspersky solutions were actively fruitful on the forums. For example, here and here. During the month, many similar threads were created on Reddit alone.

In March 2022, the Federal IT Security Agency Germany (BSI) also recommended that German citizens and institutions abandon the use of Kaspersky antivirus programs. And the Italian government has begun drafting legislation to replace anything of ON concern in state administrations, fearing that Russian government organizations could hack into anti-virus like software Kaspersky and disrupt key websites.

Registration of the Kaspersky Cyber Immunity trademark

In March 2022, the US Patent and Trademark Office registered the KASPERSKY CYBER IMMUNITY trademark. Earlier, the company registered a similar trademark in the UK and Cyber ​ ​ Immunity in Russia. This was announced by Kaspersky Lab on May 12, 2022.

The concept of cyber immunity embodies the Secure-by-Design approach - the creation of cyber security mechanisms at the design-solution stage IT. The principles of this approach are outlined in the documents of some regulators. countries For example, the Agency cyber security Singapore talks about it within the Security-by-Design Framework. There is also a standard ETSI EN 303 645 V2.1.1 for home. internet of things Developers, software such as, are already AWS using this approach for their services.

Trademark registration gives Kaspersky Lab the exclusive right to use Kaspersky Cyber ​ ​ Immunity to individualize its products. In addition, it confirms that the trademark has distinctive features verified by the departments of the respective countries according to certain criteria. How the copyright holder will the company be able to place a trademark on its products, including on labels and packages, on the site, in advertising, documentation, when rendering services and performing works, as well as prohibit all other persons from using identical or similar designations with respect to homogeneous goods and services in the territories where the trademark is registered without the permission of the copyright holder.

Cyberimmunicity implies the ability of an IT product to resist hacker to the attacks without the use of additional (superimposed) means. safety The vast majority of types of cyber attacks such a system are inefficient and cannot affect its critical functions. You can endow IT products with cyber immunity by using it KasperskyOS as a development platform and following a special methodology when creating a solution. This methodology includes defining the security objectives and operating conditions of the IT product, dividing the system into isolated domains security, and controlling information the flows between these domains.

Registration of the Kaspersky Cyber ​ ​ Immunity trademark on an international scale is evidence of systematic work to create a market for systems with innate cyber resistance. Such recognition is important both within the development team of such solutions, and among market analysts and customers. Now the first IoT gateway Kaspersky IoT Secure Gateway 100 has a special designation that is recognizable all over the world. All our products based on KasperskyOS will have the same designation. The concept of cyberimmunity is an integral tool for digital transformation, commented Andrey Suvorov, Head of Business Development for KasperskyOS Solutions.

2020: Kaspersky Lab opens transparency center in North America

On November 17, 2020, Kaspersky Lab announced the opening of its fifth transparency center, in which partners and government organizations can study the source codes of the company's products, as well as check the operation of its tools. The new center will work in North America, there will be access to the following materials:

• documentation on secure development; software
• the source code of any product released on the market (including older versions);
• Threat detection rule databases
• Source code for cloud services responsible for processing and storing customer data
• tools ON used to create products (build scripts anti-virus), databases, and cloud services.

A fifth transparency centre will be opened in partnership with Canada's innovative cyber centre CyberNB. It is a non-profit organization that works in the field of cybersecurity and cooperates with representatives of private and public companies, research organizations and personnel agencies.

Since we announced our global transparency initiative in 2017, Kaspersky Lab has repeatedly met the expectations of its partners and regulators, says Evgeny Kaspersky, CEO of the company. - During this time, we have seen a major transformation of approaches and legislative initiatives related to secure data processing and storage. Process transparency has become the norm in the IT world, and I am proud of our company, which is at the forefront of this process.

Earlier, Kaspersky Lab opened transparency centers in Zurich, Sao Paulo, Kuala Lumpur and Madrid. During the COVID-19 coronavirus pandemic, physical access to centers is limited and only a virtual tour is offered.^[12]

2019

Permanent ban on the supply of software to the US government

On September 10, 2019, it became known that Kaspersky Lab was forever banned from supplying software and services to the American government. Previously, the ban was temporary.

The permanent ban was imposed under the National Defense Authorization Act, which prohibits all civilian and military departments in the United States from using Kaspersky Lab products.

The Pentagon, General Services Administration (GSA) and NASA have published in the federal register a final set of rights on how government agencies must comply with the National Defense Law when refusing Kaspersky Lab decisions.

US authorities cut off Kaspersky Lab from the American market, fearing the company's alleged close ties with Russian intelligence services and the government. According to Washington, the company may transfer confidential information about US cybersecurity to Moscow.

It is noted that the ban on the distribution of Kaspersky Lab products in the American public sector applies not only to the institutions themselves, but also to their contractors at all levels providing various kinds of services.

According to the executive vice president and lawyer of the Professional Services Council (an industry group representing the interests of contractors of the federal government) Alan Chvotkin, Kaspersky Lab software cannot be used in any IT system with which government agencies work. Even when it comes to a payroll system for counterparties.

The message of the US government is fully understood. For companies [cooperating with the authorities], it will be wiser to completely remove their [Kaspersky Lab products] from their system and not try to split them into parts or isolate them, Chvotkin said.[13]

Helping capture NSA data thief

On January 9, 2019, it became known that Kaspersky Lab, whose software was banned from American government agencies, helped catch a secret data thief from the National Security Agency (NSA).

According to Politico, citing people familiar with the investigation, Kaspersky Lab "handed over" NSA Harold Thomas Martin, who, working for the agency's contractor, stole confidential materials under the heading "top secret" (including classified information about US military operations) and kept them at home.

Martin created an anonymous Twitter account called HAL999999999, through which he sent five encrypted personal messages to two Kaspersky Lab experts. They were short, and the correspondence ended as suddenly as it began.

In the first message, which dates back to August 13, 2016, the author asked to organize a conversation with "Eugene." Most likely, we are talking about the founder and head of the Russian company Evgenia Kaspersky. In a second post, Martin wrote "Relevance - Three Weeks." What exactly did he want to talk to Kaspersky who stole the secret data of the NSA is not reported.

The antivirus company calculated the author of the messages through the Google search engine: HAL999999999 brought the request to a private ad, the author of which was looking for sexual partners. The anonymous ad was posted on a site for people interested in sadomasochism and sex partner bonding and contained a real-life photo of Martin. The ad's author revealed he is 50 and lives in Annapolis, Maryland.

A search on LinkedIn led to the profile of a certain Hal Martin, who on the social network called himself a researcher at Annapolis Junction, a "technical adviser and investigator on offensive cyber problems." The LinkedIn profile did not mention the NSA, but indicated that Martin worked as a consultant or contractor "for various cyber initiatives in the Department of Defense and intelligence agencies."

Kaspersky Lab specialists received two messages 30 minutes before the Shadow Brokers cyber group began releasing NSA software tools on the Internet and announced an auction to sell source codes stolen from intelligence for $1 million.

Kaspersky Lab found evidence of the connection of the received messages on Twitter with Martin's personal account and his work for American intelligence. Then the researchers began to check Martin's possible attitude towards Shadow Brokers and for this they contacted the NSA to propose an investigation.

A trial accused Harold Thomas Martin of stealing classified data is scheduled for June 2019. According to prosecutors, the suspect stole data belonging to the NSA and other government bodies for 20 years, including the most complex and important hacking tools. In total, Martin is credited with illegally copying 50 TB of data.

After Kaspersky Lab handed over Twitter messages and proof of the identity of the sender to the authorities, the FBI issued a search warrant for Martin's home and property, and received the right to study his Twitter account.

A search involving two dozen armed FBI agents and a special SWAT unit was conducted promptly. A number of classified documents in paper and digital formats were discovered in Martin's home. Among the materials found were also detailed descriptions of the NSA tools that came to the Shadow Brokers hackers.

Martin's connection to this cyber group has not been proven and he has not been charged with espionage. Shadow Brokers continued to publish NSA data on the Internet after Martin's arrest, refuting suggestions that he could be Shadow Brokers.

While cryptic Twitter posts have seen some of Martin's attempts to hand over sensitive data to Kaspersky Lab or the Russian authorities, his lawyers insist there is no evidence of such intentions.

He is a patriot who recklessly stockpiled and stored classified material only because he suffers from compulsive disorder, "said James Vida, who represents Martin in court.

According to former NSA legal adviser Stuart Baker , ironically, Kaspersky Lab employees who were at the mercy of American intelligence themselves talked about this problem.

We all thought Martin was caught as a result of renewed or increased control, and instead everything looks like he was detained for being an idiot, "Baker said in a conversation with Politico.

He noted that the NSA never found a good way to identify unreliable employees who mistreat sensitive data. Approximately the same Eugene Kaspersky said in an interview with The Wall Street Journal:

One alarming thought haunts me: the safety of millions of people can be simply compromised contrary to all technologies and security measures with the help of the oldest source of threat - a five-dollar "flash drive" and a misled employee.

Although Kaspersky Lab has worked with law enforcement and information security companies in the United States for many years to track hackers, the manufacturer's relationship with the government began to worsen around 2012. Then Kaspersky Lab revealed a number of NSA spy tools and hacker operations after discovering a previously unknown spy software on client computers.

2018

Delayed plans to open U.S. offices

On November 27, 2018, it became known that Kaspersky Lab had postponed plans to open offices in the United States. In addition, the company postponed to 2019 the launch of a representative office in Toronto, Canada.

The need to open an office in Chicago and Los Angeles has so far disappeared due to the general difficulties of working in the region. Now we have stagnation in corporate sales. At the same time, B2C sales are growing in the online segment, but it is centralized,  no new offices are needed for its development. So while we are temporarily suspending plans to open new offices, "Alexander Moiseev, director of business development at Kaspersky Lab, told RIA Novosti.

The company was set to open three new North American offices during 2018. In this region, according to Moiseev, the number of ordinary users of Kaspersky Lab products is growing, despite negative publications in the media and restrictions on sales in government agencies.^[14]

In the US defense budget for 2018, there is a provision according to which federal authorities cannot use software and services of Kaspersky Lab or organizations controlled by it. 

Alexander Moiseev also said that Kaspersky Lab is still not going to go public, since the company demonstrates a "growing and profitable" business, so it does not need to raise money.

If the company's shares are traded on the stock exchange, this often makes life very difficult for it, adds bureaucracy, makes it difficult to make decisions. We see that some companies today are just striving to leave the exchange and become private again. In general, in order to conduct an IPO, you need to  understand why to do this, what is the final goal. Our main task now is to maximize the development of new technologies that we already have, "he added.

Ex-NSA programmer sentenced to 5.5 years in prison for leaking cyber weapons in favor of Kaspersky Lab

In September 2018, the ex-programmer NSA 68-year-old Ngiya Hoan Pho was sentenced to five and a half years in prison for leaking secret cyber military developments. Back in December, Pho pleaded guilty to premeditated unauthorized copying of classified security-related information state. More. here

Transfer of software build and data of American users to Switzerland

Kaspersky Lab intends to transfer the process of processing user data from Russia to Switzerland, the company told CNews. The new data center will be opened in Zurich by the end of 2019. There will be stored and processed user data from Europe, North America, Singapore, Australia, Japan and South Korea, and subsequently other countries^[15].

The cost of the project is estimated at $12 million, 60 employees of the company take part in its implementation. During the transfer of data processing from Moscow to Zurich, 800 pieces of equipment will be deployed in Swiss data centers.

The center will process the data that Kaspersky Lab collects through the Kaspersky Security Network (KSN) cloud infrastructure, requesting the user's voluntary consent.

Transparency Center and Software Assembly

In addition, the Laboratory intends to open its first Transparency Center in Zurich. In total, the company is going to create three such centers within the framework of the Global Transparency Initiative launched by it.

Kaspersky Lab will open a data center in Zurich In the Transparency Center, independent third-party experts will observe the operation of equipment and software, they will also check the program code of products for undeclared functions. User data processing and product assembly will also be under their supervision. The Laboratory plans to entrust these functions to a new non-profit organization, the creation of which intends to support. Subsequently, the organization will be able to provide similar services to other information security companies.

In addition, a "software assembly pipeline" will be created in Zurich for some countries. It will be a set of tools for building programs from the source code. The pipeline will start working in Zurich before the end of 2018, it will begin to compile protective software products, antivirus databases and their updates. The products assembled in this way will be independently checked for their code compliance with the source code provided by the company.

Blocking ads on Twitter

In April 2018, Kaspersky Lab was banned from advertising on the social network Twitter. The administration of the social network said that the manufacturer of antivirus software works according to a business model that does not meet the standards of acceptable advertising. Read more here.

2017

Lawsuit against the US Department of Homeland Security

In December 2017, Kaspersky Lab filed a lawsuit against the US Department of Homeland Security over a recent decision to ban the use of the company's products in government organizations in that country.^[16]

The company believes that the ministry's directive banning the use of Laboratory developments, issued on September 19, 2017, constitutes "a dangerous precedent that can be used to illegally restrict any fair business."

This is an action that cannot be left unresponsive. Therefore, we are going to court,} says the personal blog of Evgeny Kaspersky[17]

According to the head of the company, the directive was adopted on the basis of "unsuitable arguments": ... "officials of the vinistery confirmed that the decision was based on information from open sources (" read on the Internet "), which, in turn, referred to anonymous people, were confused in the testimony, distorted well-known things and said absurdities due to poor understanding of cybersecurity technologies, ignorance of industrial standards and political bias."

But the main thing is that, from Kaspersky's point of view, the Department of Homeland Security violated due process by ignoring the need for dialogue with the LoC "to confirm the validity of the accusations." In other words, Kaspersky Lab was not allowed to defend itself.

Meanwhile, the fallout from the Department of Homeland Security's decision has proved dramatic for the company. At that time, the proceeds from software licenses sold to US federal institutions make up a very insignificant part of the Laboratory's total revenue in the American market, the ministry's decision led to a domino effect: the lawsuit indicates that several of the country's largest retailers have generally removed Laboratory's development from sale and interrupted long-standing cooperation. The reason was not only the directive itself, but also a powerful media company, the flagships of which were representatives of the US Congress.

It is worth noting that the Best Buy chain of stores refused to sell Laboratory products a few days before the directive was released; the reason was "concerns about the company's ties with the government and the Russian special services." Kaspersky Lab persistently denies the existence of any improper ties and informal cooperation with the special services. Yevgeny Kaspersky himself said that all charges against the company were reasonably refuted, while opponents do not provide any evidence, except for rumors and speculation, including of anonymous origin.

It is possible that the mentioned directive was a kind of response to the disclosure by the Laboratory of classified cyber operations of the National Security Agency: it was Kaspersky Lab experts who were the first to publish an analysis of the hacker tools of the Equation group, which, as it turned out later, was associated with the NSA.

In 2017, a theory appeared in the media that the Laboratory's developments were used to search for and steal classified documents and NSA program code. After conducting an investigation, the Laboratory reported that indeed its antivirus tools identified Equation malware - on the home computer of an agency employee who apparently brought the archive with documents and code home, in violation of all security regulations.

In early December 2017, the Daily Mail published material indicating that a former NSA employee pleaded guilty to actually taking secret data home, and that it was from his computer that a "leak" occurred or could have occurred. Thus, the version of the "Laboratory" was at least partially confirmed. ^[18]

The prospects for the claim are not yet obvious, says Oleg Galushkin, an information security expert at SEQ (formerly SEC Consult Services).

On the one hand, such a lawsuit should have been filed for a long time, Kaspersky's claims that this directive can firmly harm the entire market are very justified, he says. - However, a lot has changed since September: the ban on the use of Kaspersky Lab's developments has already become part of the law passed by the US Congress and signed by the country's president. Even if Lab wins the lawsuit and achieves the invalidation of the directive on September 19, and the use of the company's products in federal institutions is not a threat to US national interests, it is not at all a fact that this will lead to a revision of the law and help Kaspersky Lab restore its shaken position in the American market.

Closing the Washington unit

In December 2017, it became known about the closure of the Kaspersky Lab office in Washington, a division of Kaspersky Government Security Solutions, which was engaged in the supply of solutions for government agencies. It will be sold to the government and will continue to work with non-federal clients in the United States through the vendor's representative offices remaining in the country, Anton Shingarev, vice president of the company, told Bloomberg news agency. At the same time, Kaspersky Lab is going to open new offices in Chicago, Los Angeles and Toronto in 2018.

Shingarev also said that Kaspersky Lab will open the source code of its product to the authorities for independent analysis, allowing experts to make sure that the software does not have any hidden functions, does not send user files to third parties, does not spy and fully complies with user agreements.

In September 2017, the US government banned the use of Kaspersky Lab software, citing alleged ties between the company's founder Yevgeny Kaspersky and Russian intelligence, and the possibility that the company's products are capable of acting as "malicious entities" by compromising federal information systems. The move has raised concerns among customers in other markets, including Britain. According to Shingarev, the loss of state clients can significantly affect the company's income in the United States, in addition, after the government ban, the company receives questions from customers about the safety of its software.

We are negotiating with the National Center for Computer Security and are trying to determine what is necessary in order to deserve the opposite recommendation, says Shingarev. - In general, they support the idea of ​ ​ opening the source code of our software for independent audit.

Kaspersky Lab plans to create Transparency Centers in the USA, Europe and Asia, in which software code can be analyzed by independent experts. These will be high-security buildings with security cameras, without the Internet, in which invited specialists will analyze the code with the support of company employees.^[19]

Kaspersky intends to regain confidence in the United States and Europe by opening transparency centers and product source codes

Kaspersky Lab"" plans to take a number of measures that will allow her to prove the groundlessness of the allegations of cyber espionage that the company has faced and increase confidence in itself in foreign markets. This follows from the speech of the Vice President state for Organ Relations Kaspersky LabAnton Shingarev on December 6, 2017.

These measures include the opening of three transparency centers - in the United States, Europe and Asia, the disclosure of the code of products and their updates for independent audit to foreign regulators, Shingarev said.

The representative of Kaspersky Lab explained to TAdviser that these centers will primarily analyze the source code and updates together with representatives of foreign organizations and regulators. This will remove all charges of espionage, the company expects.

In a conversation with TAdviser, Anton Shingarev noted that code disclosure for independent auditing is a standard industry practice carried out by various companies, including Microsoft in Russia. And there are very strict rules for transmitting code for research in protected conditions.

Shingarev told TAdviser that as of the end of the year, the company is discussing various audit options with foreign regulators - in the USA, Europe and Asia. The company has not yet come to some agreements with him. The process is not moving as quickly as we would like, he added. It is especially difficult to develop a system for checking product updates, since updates can change their functionality. No one in the world has built such a system yet, says Shingarev.

We are very much counting on feedback from regulators, because without it we are doing something of our own, and this may turn out to be meaningless. When we do something ourselves, they don't believe it, so we need to build a system that will be believed by default. Therefore, we need a third party, third parties for verification, "he explained to TAdviser.

The best feedback is from Europeans, they are generally more open to cooperation, and the political situation with the United States is really very difficult, says a Kaspersky Lab spokesman.

Anton Shingarev found it difficult to name the exact timing of the opening of the first transparency center. The company expects this to happen in early 2018.

US government agencies banned from using Kaspersky anti-virus

The US authorities have obliged all state institutions of the country to abandon Kaspersky Lab products and services within three months^[20]. Washington is concerned that Russia could threaten US security through the company's programs.

The US Department of Homeland Security said Kaspersky Lab products pose a threat to the country's security and could be used by Russian authorities to access US government documents.

In this regard, the department obliged all state institutions to abandon the use of company antiviruses. This follows from the official statement of the American department.

Over the next 30 days, all government agencies must report on the availability of Kaspersky Lab programs, consider the transition to products of other companies within 60 days, and three months after the publication of this statement, completely abandon Russian antivirus products.

Best Buy's refusal to sell Kaspersky Lab software

In September 2017, the largest network of electronics stores in the United States, Best Buy, stopped selling Kaspersky Lab software due to suspicions about the software company's ties to Russian intelligence services.

Best Buy reported that the decision to curtail sales of Kaspersky Lab products was made as a result of publications in the media, congress opinions and industry discussion. The retailer will allow existing customers of Kaspersky Lab software to exchange it for another product within 45 days.^[21]

 Best Buy notes that they did not conduct their own investigation, but suspicions about the creators of the antivirus turned out to be enough to remove the product from sale.

Currently, Kaspersky Lab and Best Buy have suspended joint work. However, the format of interaction between the two companies may be further revised, "Kaspersky Lab said.

At the same time, Kaspersky Lab will continue to offer its solutions in the United cyber security States through its own website and other retailers.

Earlier in September 2017, the American press reported that the Senate expects to introduce a complete ban on the use of Kaspersky Lab products by government agencies and departments, as well as related firms, in the wake of growing fears that the Russian company could allegedly be used by "Kremlin-backed hackers" to try to manipulate users, get their private correspondence and data.

Kaspersky Lab products have left the list of US General Services Administration (GSA) external suppliers whose products are approved for use by US government agencies.

FBI squeezes Kaspersky Lab out of private business

In August 2017, it became known about the intentions of the American authorities to oust Kaspersky Lab products from local private business. The reason is that the decisions of the Russian company allegedly pose a threat to US national security.

According to CyberScoop, citing former and current employees of the American government, the Federal Bureau of Investigation (FBI) met with representatives of American companies to inform them of the need to refrain from using Kaspersky Lab software, since it, according to the law enforcement agency, is used by Russian intelligence as a tool for espionage.

It is noted that the counterintelligence unit FBI has been holding such meetings with business since the beginning of 2017. Most often, such briefings involve energy companies and those who use dispatch control and data collection systems (), SCADA as well as solutions for managing production processes.

According to CyberScoop interlocutors, at meetings with company leaders, FBI officers provide a general overview of the threats allegedly posed by Kaspersky Lab products. One of the main, allegedly, is "close and active interaction with Russian intelligence." As an example of the company's illegal actions, the data that appeared earlier in the media are cited, including the Reuters publication (2015), which spoke of the creation of fake viruses in Kaspersky Lab in order to harm competing manufacturers and their users.

As noted by CyberScoop in the US government, companies using systems for collecting, processing, displaying and archiving information about a monitoring or management object generally agreed to follow the recommendations of the FBI, and some business representatives after the briefing began to conclude deals with competitors of Kaspersky Lab^[22]

US President Trump struck out "LK" from the lists of suppliers of products for government agencies

On July 11, 2017, the presidential administration USA Donald Trump excluded the Russian Kaspersky Lab from two lists of suppliers of high-tech equipment for state needs. We are talking about two lists of the US General Services Administration (GSA), which certifies suppliers and enters them into the database of companies: services in the field information technology and supply of photographic equipment.^[23]

According to Reuters, the reason was the fear that the products of the Russian developer could serve to collect information in American computer networks. Earlier, NBC News reported on a secret memorandum prepared by the US Senate Intelligence Committee sent to the head of National Intelligence. It claimed that Russian intelligence agencies could use Kaspersky Lab products to spy on Americans and sabotage infrastructure.

Today's decision came after "analysis and careful consideration" - to ensure the "integrity and security of the U.S. government, system and network," GSA officials said. At the same time, US government agencies can still use the products of the Russian laboratory, but only purchased outside the framework of state contracts.

For its part, Kaspersky Lab explained to Reuters that they have not yet received any notifications from GSA or any other American government structure regarding the change in supplier status.

"Kaspersky Lab is not related to any government, the company has never helped and will not help any of the governments in the field of cyber espionage," the company said in a statement.

At the end of June 2017, FBI officers conducted surveys of American representatives of Kaspersky Lab in order to find out to what extent the representative office of the Russian company reports to its head office. Following this, the US Senate Committee on Armed Forces took the initiative to ban the use of Kaspersky Lab software in the American army.^[24]

In this regard, Yevgeny Kaspersky expressed his readiness to speak before the US Senate, answering any questions, as well as disclose to the American authorities the source codes of his software in order to get rid of accusations of cyber espionage.

In

September 2017, it became known that Kaspersky Lab was closing its Kaspersky Government Security Solutions Inc (KGSS) division in the United States. ^[25], engaged in cooperation with American government agencies. This was reported to The Bell by two sources close^[26] to^[27] the^[28]The Washington-based unit was created to contact government agencies that are currently banned from Kaspersky Lab, a Bell source explained the reason why KGSS is planned to be closed.

The US Department of Homeland Security issued a directive explaining that the authorities have 30 days to detect Laboratory software in their networks, 60 days to develop a plan to remove it, and another 90 days to remove it itself. The order applies only to civilian departments, not the Ministry of Defense. However Pentagon , he previously stated that he did not use the products of the Laboratory anyway.

The United States wants to limit Kaspersky: It has become too common

Intelligence Committee Memorandum

US authorities fear that Russian intelligence agencies may use Kaspersky Lab to spy on the Americans and sabotage the work of the country's key infrastructure systems. This was reported by ABC News^[29]. The authorities are concerned that the products of the Russian company are widely used in the United States, not only in the private, but also in the commercial, as well as state segment. For example, Laboratory antiviruses are used by the Federal Bureau of Prisons. In addition, laptops are sold in the United States, on which the software of the Russian company is preinstalled.

Concerns about the possible threat posed by the Lab were raised in a secret memo that was sent last month to Director of National Intelligence Dan Coats and Attorney General Jeff Sessions. The document was prepared by the US Senate Intelligence Committee. The Committee strongly requests action on the potential risk posed by the widespread prevalence of Laboratory products in the American market. This is regarded as a matter of national security.

Staff problem

American officials are concerned that some Laboratory executives have previously worked for Russian intelligence and military structures. For example, Igor Chekunov, the company's legal director, once worked in the border service, Russia which reports to the state security agencies. Executive Director Andrei Tikhonov was a lieutenant colonel of the Russian army, where he was engaged in information technology.

The head of the Laboratory, Yevgeny Kaspersky, replies that both employees came to the company more than 20 years ago, and that he is 100% sure that they have no ties with the government.

CIA could exploit vulnerabilities in LoC antiviruses for espionage

On March 7, 2017, the WikiLeaks portal published CIA documents on hacker methods of surveillance and data hacking. One of them talks about the interest of special services in vulnerabilities in Kaspersky Lab antiviruses^[30]

Almost nine thousand documents have appeared on the WikiLeaks website, which, according to the organization, belong to CIA officers and are evidence of mass surveillance of the American department for user computers around the world.

The massive archive of secret documents, called Vault 7 ("Refuge 7"), included a presentation prepared in 2014 by the director of the Coseinc group, Hoashin Koret. Among other products, it mentions Kaspersky Lab antivirus, which, according to Koret, contains vulnerabilities that "anyone can write a reliable exploit for without any real difficulties." The author of the document indicates that Kaspersky Lab has not fixed the vulnerabilities that were discovered at the SyScan 2014 hacker conference in Singapore. 

As specified TAdviser in the press service of Kaspersky Lab, Wikileaks documents deal with DLL inject and heapgrd vulnerabilities, which were actually eliminated back in 2009.

The products mentioned by WikiLeaks (KIS 7, KIS 8, WKSTNMP3) are outdated versions of Kaspersky Lab security software, and for several years they have not been supported. As for the DLL inject vulnerability in the TDSSKiller utility, also mentioned in the WikiLeaks report, it was closed in December 2015, Kaspersky Lab noted.

The company also emphasizes that the documents published by WikiLeaks do not indicate that the given vulnerabilities were applied in practice against the solutions of Kaspersky Lab or other manufacturers of security software, but describe the analysis of software using the reverse engineering method.

2015

Payment of speech fee to Flynn, future aide to US President Trump

A subsidiary of Kaspersky Lab paid a fee to General Mayklu​ Flynn for speaking at a forum in Washington in 2015. Two years later, in 2017, Flynn was appointed assistant to US President Donald Trump on national security and this fact was used in the campaign against him. Michael F​linn resigned just 24 days after his appointment to the post over a political scandal that was prompted by his talks with Russian Ambassador to the United States Sergey Kislyak.

Flynn received more than $11 thousand from a subsidiary of Kaspersky Lab, ​ Bloomberg reported.

Kaspersky

Lab subsidiary Kaspersky Government Security Solutions (now KGSS Inc.) paid General Michael Flynn a fee for speaking at the Government Cybersecurity Forum held by KGSS Inc. in Washington in 2015, "a Kaspersky Lab spokesman said.

According to him, during the Government Cybersecurity Forum, the problems cyber security faced by governments of different countries and ways to solve them were discussed, and "leading political and IT experts" took part in the forum.

At the same time, the representative of Kaspersky Lab stressed that Kaspersky Lab is a private company and, although it cooperates with the authorities of many countries and international law enforcement organizations in the fight against cybercrime, it is not connected with any government.

As Bloomberg wrote in 2017, citing documents published by Democratic congressmen, Michael Flynn received a total of more than $56 thousand from companies related to Russia. In particular, he received $11,250 from Kaspersky Government Security Solutions, Inc., a subsidiary of the Russian Kaspersky Lab, and another $45,000 for participating in an event dedicated to the tenth anniversary of RT. During the "gala dinner" hosted by the TV channel, Michael Flynn sat next to Russian President Vladimir Putin.

Michael Flynn has not previously denied that he received money from the Russian TV channel, but refused to name the amount, Bloomberg said.

At the same time, The Wall Street Journal noted that from RT for participating in the conference To Moscow in Flynn received less - $33,750, and two more payments - $11,250 - he received from two Russian companies - cargo and software. The agency Reuters suggested that in the case of a transport company, we could talk about an airline. "Volga-Dnieper

American patent for Russian product obtained

On June 15, 2015, Kaspersky Lab announced a patent received from the US Patent and Trademark Office that describes the security architecture of virtual environments^[31]. Patented technology is used to fully protect virtual machines from cyber threats without compromising their performance.

The combination of security and optimal resource utilization is achieved by installing a specialized virtual machine equipped with a special module. It takes over the functions of a security solution for the rest of the virtual machines, on which the so-called light agent is additionally installed. The patent describes a method of communication between the module and agents, which allows the latter not only to send data for analysis and follow the instructions received, but also to provide additional security levers that are not available in the traditional approach.

In virtual environments, each machine is allocated as much RAM and processor power as is required for its tasks. The fewer resources each machine needs, the more machines can run on a single server. By modern standards, traditional security solutions do not consume many resources, but with the simultaneous operation of many virtual machines, the total security costs become significant. Patented technology can significantly reduce this load. Moreover, the presence of an agent allows you to more effectively protect a virtual machine by having direct access to its memory and deep system processes, as well as the ability to use additional security technologies such as web control, application and device control.

"One of the main benefits of virtualization is resource efficiency. Alas, the pitfalls encountered when trying to ensure the security of virtual infrastructure lurk here - traditional security tools are not optimized for virtual machines, and their use leads to significant performance losses. Our patented technology solves this problem - by providing reliable security for the virtual environment, we also maintain its effectiveness. Moreover, for some virtualization platforms, this technology is still the only truly specialized means of protection, "said Matvey Voitov, product manager at Kaspersky Lab.

The patented technology is used in the enterprise product Kaspersky Security for Virtual Environments - Light Agent. According to the developer, the solution protects servers, virtual workstations in the environment of Microsoft Hyper-V, Citrix XenServer and VMware vSphere.

Notes