Posts Tagged ‘Eugene Kaspersky’

Kaspersky antivirus software sometimes copies your files files

November 4, 2017

Image may contain: tree, sky and outdoor

SAN FRANCISCO (Reuters) – Eugene Kaspersky said his company’s widely used antivirus software has copied files that did not threaten the personal computers of customers, a sharp departure from industry practice that could increase suspicions that the Moscow-based firm aids Russian spies.

The acknowledgement, made in an interview last Friday as part of the Reuters Cyber Security Summit, comes days after Kaspersky’s company said its software had copied a file containing U.S. National Security Agency hacking tools from the home computer of an agency worker in 2014.

 Image may contain: sky and outdoor

Kaspersky’s firm has for years faced suspicions that it has links with Russian intelligence and state-sponsored hackers. Kaspersky denies any cooperation with Russian authorities beyond cyber crime enforcement.

In September, the U.S. Department of Homeland Security banned Kaspersky software from use in federal offices, citing the company’s ties with Russian intelligence. The company is the subject of a long-running probe by the U.S. Federal Bureau of Investigation, sources have told Reuters.

Antivirus software is designed to burrow deeply into computer systems and has broad access to their contents, but it normally seeks and destroys only files that contain viruses or are otherwise threatening to a customer’s computers, leaving all other files untouched.

Searching for and copying files that might contain hacking tools or clues about cyber criminals would not be part of normal operations of antivirus software, former Kaspersky employees and cyber security experts said.

In the Reuters interview, conducted at Kaspersky Lab’s offices in Moscow, Eugene Kaspersky said the NSA tools were copied because they were part of a larger file that had been automatically flagged as malicious.

He said the software removed from the agency worker’s computer included a tool researchers dubbed GrayFish, which the company has called the most complex software it has ever seen for corrupting the startup process for Microsoft’s Windows operating system.

Kaspersky said he had ordered the file to be deleted “within days” because it contained U.S. government secrets.

But he defended the broader practice of taking inert files from machines of people that the company believes to be hackers as part of a broader mission to help fight cyber crime.

“From time to time, yes, we have their code directly from their computers, from the developers’ computers,” Kaspersky told Reuters.

‘IMPROPER PRACTICE’

Three former Kaspersky employees and a person close to the FBI probe of the company, who first described the tactic to Reuters this summer, said copying non-infectious files abused the power of antivirus software. The person associated with the FBI said in one case Kaspersky removed a digital photo of a suspected hacker from that person’s machine.

Eugene Kaspersky declined to discuss specific instances beyond the NSA case, saying he did not want to give hackers ideas for avoiding detection.

“Sometimes we are able to catch cyber criminals, that’s why I am not so comfortable to speak about this to media,” he said in the interview. “Many of them are very clever, they can learn from what I am saying.”

Other industry experts called the practice improper. Mikko Hypponen, chief research officer at Finnish security company F-Secure, said that when his firm’s software finds a document that might contain dangerous code, “it will prompt the user or the administrator and ask if it can upload a copy to us.”

Dan Guido, chief executive of cyber security firm Trail of Bits, which has performed audits on security software, said Kaspersky’s practices point to a larger issue with all antivirus software.

“All of them aggregate a huge amount of information about their clients, which can be easily exploited when put in willing hands,” he said.

U.S. news organizations have reported that Kaspersky, or Russian spies hijacking its service, have been searching widely among customers’ computers for secret files, citing anonymous U.S. intelligence officials. Reuters has not verified such reports.

Kaspersky said he hoped to alleviate concerns about his company by opening up his source code for review by third parties in independently run centers, as well as by raising the maximum amount it offers for information about security flaws in its programs to $100,000.

To read the latest Reuters coverage of cyber security, click on www.reuters.com/cyberrisk

Reporting by Joseph Menn in San Francisco; Additional reporting by Jack Stubbs in Moscow, Jim Finkle and Alastair Sharp in Toronto and Dustin Volz in Washington; Editing by Jonathan Weber and Bill Rigby

Advertisements

Russia’s Kaspersky to Allow Outside Review of Its Cybersecurity Software

October 23, 2017

Company hopes sharing source code will build trust after allegations its software helped Russia spy on Americans

Kaspersky Lab, the Moscow-based cybersecurity firm whose software U.S. officials suspect helped the Russian government spy on Americans, promised to make its source code available for an independent review.

The company said Monday the review is part of a “global transparency initiative” that it hopes will improve the trustworthiness of its products. It said it would hand over the source code for its software in the first quarter of next year but didn’t specify who would undertake the review or how widely the code would be…

 https://www.wsj.com/articles/russian-cybersecurity-firm-kaspersky-to-make-source-code-available-for-review-1508756502
.
Related:
.
.
.

Image result for Eugene Kaspersky, photos

Eugene Kaspersky

*****************************************************

Kaspersky fights spying claims with code review plan

October 23, 2017 — 0745

Apple Pay now in 20 markets, nabs 90% of all mobile contactless transactions where active

Russian cybersecurity software maker Kaspersky Labs has announced what it’s dubbing a “comprehensive transparency initiative” as the company seeks to beat back suspicion that its antivirus software has been hacked or penetrated by the Russian government and used as a route for scooping up US intelligence.

In a post on its website today the Moscow-based company has published a four point plan to try to win back customer trust, saying it will be submitting its source code for independent review, starting in Q1 2018. It hasn’t yet specified who will be conducting the review but says it will be “undertaken with an internationally recognized authority”.

It has also announced an independent review of its internal processes — aimed at verifying the “integrity of our solutions and processes”. And says it will also be establishing three “transparency centers” outside its home turf in the next three years — to enable “clients, government bodies and concerned organizations to review source code, update code and threat detection rules”.

It says the first center will be up and running in 2018, and all three will be live by 2020. The locations are listed generally as: Asia, Europe and the U.S.

No automatic alt text available.

Finally it’s also increasing its bug bounty rewards — saying it will pay up to $100K per discovered vulnerability in its main Kaspersky Lab products.

That’s a substantial ramping up of its current program which — as of April this year — could pay out up to $5,000 per discovered remote code execution bugs. (And, prior to that, up to $2,000 only.)

Kaspersky’s moves follow a ban announced by the US Department of Homeland Security on its software last month, citing concerns about ties between “certain Kaspersky officials and Russian intelligence and other government agencies, and requirements under Russian law that allow Russian intelligence agencies to request or compel assistance from Kaspersky and to intercept communications transiting Russian networks”.

The US Senate swiftly followed suit, voting to oust Kaspersky software from federal use. While three months earlier the General Services Administration also removed Kaspersky Lab from a list of approved federal vendors.

The extensive system-wide permissions of antivirus software could certainly make it an attractive target for government agents seeking to spy on adversaries and scoop up data, given the trust it demands of its users.

The WSJ has previously reported that Russian hackers working for the government were able to obtain classified documents from an NSA employee who had stored them on a personal computer that ran Kaspersky software.

Earlier this month CEO Eugene Kaspersky blogged at length — rebutting what he dubbed “false allegations in U.S. media”, and writing: “Our mission is to protect our users and their data. Surveillance, snooping, spying, eavesdropping… all that is done by espionage agencies (which we occasionally catch out and tell the world about), not us.”

We’re proud to keep on protecting people against all cyberthreats – no matter of false allegations in U.S. media https://kas.pr/x78t 

Photo published for What’s going on?

What’s going on?

I doubt you’ll have missed how over the last couple months our company has suffered an unrelenting negative-news campaign in the U.S. press.

eugene.kaspersky.com

But when your business relies so firmly on user trust — and is headquartered close to the Kremlin, to boot — words may evidently not be enough. Hence Kaspersky now announcing a raft of “transparency” actions.

Whether those actions will be enough to restore the confidence of US government agencies in Russian-built software is another matter though.

Kaspersky hasn’t yet named who its external reviewers will be, either. But reached for comment, a company spokeswoman told us: “We will announce selected partners shortly. Kaspersky Lab remains focused on finding independent experts with strong credentials in software security and assurance testing for cybersecurity products. Some recommended competencies include, but are not limited to, technical audits, code base reviews, vulnerability assessments, architectural risk analysis, secure development lifecycle process reviews, etc. Taking a multi-stakeholder approach, we welcome input and recommendations from interested parties at transparency@kaspersky.com

She also sent the following general company statement:

Kaspersky Lab was not involved in and does not possess any knowledge of the situation in question, and the company reiterates its willingness to work alongside U.S. authorities to address any concerns they may have about its products as well as its systems.

As there has not been any evidence presented, Kaspersky Lab cannot investigate these unsubstantiated claims, and if there is any indication that the company’s systems may have been exploited, we respectfully request relevant parties responsibly provide the company with verifiable information. It’s disappointing that these unverified claims continue to perpetuate the narrative of a company which, in its 20 year history, has never helped any government in the world with its cyberespionage efforts.

In addition, with regards to unverified assertions that this situation relates to Duqu2, a sophisticated cyber-attack of which Kaspersky Lab was not the only target, we are confident that we have identified and removed all of the infections that happened during that incident. Furthermore, Kaspersky Lab publicly reported the attack, and the company offered its assistance to affected or interested organisations to help mitigate this threat.

Contrary to erroneous reports, Kaspersky Lab technologies are designed and used for the sole purpose of detecting all kinds of threats, including nation-state sponsored malware, regardless of the origin or purpose. The company tracks more than 100 advanced persistent threat actors and operations, and for 20 years, Kaspersky Lab has been focused on protecting people and organisations from these cyberthreats — its headquarters’ location doesn’t change that mission.

“We want to show how we’re completely open and transparent. We’ve nothing to hide,” added Kaspersky in another statement.

Interestingly enough, the move is pushing in the opposite direction of US-based cybersecurity firm Symantec — which earlier this month announced it would no longer be allowing governments to review the source code of its software because of fears the agreements would compromise the security of its products.

Source:https://techcrunch.com/2017/10/23/kaspersky-fights-spying-claims-with-code-review-plan/

US agencies banned from using Russia’s Kaspersky software

September 14, 2017

Federal agencies in the US have 90 days to wipe Kaspersky software from their computers. Officials are concerned about the Russian company’s ties to the Kremlin and possible threats to national security.

Headquarters of Internet security giant Kaspersky in Moscow (Getty Images/AFP/K. Kudryavtsev)

The administration of US President Donald Trump has ordered government agencies to remove products made by Russian company Kaspersky Labs from their computers.

The Department of Homeland Security (DHS) said Wednesday it was concerned that the cybersecurity firm was susceptible to pressure from Moscow and thus a potential threat to national security.

Read more: Facebook, Russia and the US elections – what you need to know

DHS said in a statement that it was “concerned about the ties between certain Kaspersky officials and Russian intelligence and other government agencies,” as well as Russian laws that might compel Kaspersky to hand over information to the government.

But the makers of the popular anti-virus software have said “no credible evidence has been presented publicly by anyone or any organization as the accusations are based on false allegations and inaccurate assumptions.”

US tech retailer Best Buy confirmed earlier Wednesday that it would no longer sell Kaspersky products, but has declined to give further details on the decision.

Ties between Kaspersky, Kremlin ‘alarming’

Civilian government agencies have 90 days to completely remove Kaspersky software from their computers. The products have already been banned in the Pentagon.

US congressional leaders have applauded the move. Democratic Senator Jeanne Shaheen said the “strong ties between Kaspersky Lab and the Kremlin are alarming and well-documented,” and asked the DHS if the company’s products were used for any critical infrastructure, such as for voting systems, banks and energy supply.

Although Kaspersky Labs was founded by a KGB-trained entrepreneur, Eugene Kaspersky, and has done work for Russian intelligence, the company has repeatedly denied carrying out espionage on behalf of President Vladimir Putin and his government.

es/cmk (AP, Reuters)

http://www.dw.com/en/us-agencies-banned-from-using-russias-kaspersky-software/a-40500232

U.S. Senate moves to ban Moscow-based cybersecurity firm Kaspersky Lab over ties to Russia

June 29, 2017

The Hill

Senate moves to ban Moscow-based cybersecurity firm over ties to Russia
© Getty Images

The Senate’s draft of the Department of Defense’s budget rules reveals a provision that would block the use of products from the Russian-based global cybersecurity firm Kaspersky Lab, citing concerns that the company “might be vulnerable to Russian government influence.”

Reuters reporter Dustin Volz first shared the news in a tweet Wednesday.

“BREAKING: Senate draft of [National Defense Authorization Act] bans use of Kaspersky products by [Department of Justice] due to reports company “might be vulnerable to Russian [government] influence,” Volz tweeted.

The decision to ban the products within the National Defense Authorization Act (NDAA), which specifies budget and expenditures for the Department of Defense, comes after the FBI visited at least 10 Kaspersky employee’s homes.

The investigative agency, however, has not yet contacted the company.While Kaspersky is based in Russia, the company has research centers around the world, including in the U.S.

“As a private company, Kaspersky Lab has no ties to any government, and the company has never helped, nor will help, any government in the world with its cyber espionage efforts,” the company said in a reissued statement.

“The company has a 20-year history in the IT security industry of always abiding by the highest ethical business practices, and Kaspersky Lab believes it is completely unacceptable that the company is being unjustly accused without any hard evidence to back up these false allegations,” the statement continued. “Kaspersky Lab is available to assist all concerned government organizations with any ongoing investigations, and the company ardently believes a deeper examination of Kaspersky Lab will confirm that these allegations are unfounded.”

Its founder, Eugene Kaspersky, has also offered to testify in front Congress after NBC News reported that its employees were largely asked about their relationship between the U.S. and Russian.

http://thehill.com/homenews/senate/339981-senate-moves-to-ban-moscow-based-kaspersky-use-due-to-concerns-about-russian

Image result for Eugene Kaspersky, photos

Eugene Kaspersky

Russia’s ‘Cyber Security King’ Accused of sabotaging his competitors, helping Russian spies — He says he has nothing to hide

October 6, 2015
Eugene Kaspersky, CEO of Kaspersky Lab, speaks in Washington on June 4, 2013

Eugene Kaspersky, CEO of Kaspersky Lab

Text by Claire WILLIAMS , Farah BOUCHERAK , MONACO

Latest update : 2015-10-06

Accused of helping Russian spies and sabotaging his competitors, Eugene Kaspersky tells FRANCE 24 he is innocent and has “nothing to hide”.

Empty-handed, Eugene Kaspersky obediently backs away from the buffet. A waitress has just told him off for picking up a carrot stick before the party has begun. Little did she know he paid for the lavish networking-do at the ‘Les Assises’ cyber conference in Monaco. Everyone else, bar the catering staff, knows exactly who he is.

“I was expecting Eugene Kaspersky’s party to be all about red meat and vodka. But instead it’s all salads and champagne,” said Canadian security expert Ben Marzouk. “To see him here as sweet as a lamb, well, that’s killed the myth.”

Eugene Kaspersky is equally famous and feared in cyber circles. At 16, he was selected to study cryptography at a school partially funded by the KGB. By the time he was 24, he had created his first anti-virus software to protect his own computer.

Eight years later he founded Kaspersky Lab, which is now one of the biggest anti-virus makers in the world, with 460 million users and 711 million euros in annual profit. His firm has impressed critics by revealing real cyber threats like the Equation Group, a highly sophisticated attack team it believes helped create the Stuxnet virus.

Today the Russian billionaire spends most of his working life on a global PR drive trying to convince governments, companies and individuals to trust him and his anti-virus software.

Allegations of aiding Russian espionage

The news agency Reuters says it has evidence Kaspersky Lab deliberately created fake, harmless viruses in 2009 to trick its competitors into deleting important files on their customers’ PCs. The alleged aim was to expose firms Kaspersky believed were using his technology instead of developing their own. Reuters sources claim Kaspersky told his researchers to attack rival AVG by “rubbing them out in the outhouse,” quoting Vladmir Putin’s threat to pursue Chechen rebels wherever.

But the allegations have failed to convince everyone in the industry.

When France 24 spoke to Jeffrey Carr, the American CEO of security firm Taia Global, he said he didn’t know if Reuters’ claims were true or false. “We should be sceptical since the accusers are both anonymous and have an axe to grind against their former employer,” he said.

Kaspersky called Reuters’ claims “ludicrous”, saying the fake virus attack also affected his company.

“It remains a mystery who staged the attack, but now I’m being told it was me!”

Another news outlet, Bloomberg, has accused Kaspersky Lab’s senior management of handing over customer data to help the KGB’s successor, the FSB, carry out spying. It also claims Kaspersky regularly attends banya (sauna) sessions in Moscow with Russian spies.

Kaspersky insists the Russian authorities have no hold over his firm. “There were no cases when we were asked about sharing data we got from customers,” he told FRANCE 24. “There is no way. I’m in the IT business and it’s not possible to pressure us. Our value is our brains, which can travel.”

“Everyone is spying on each other”

Yves Grandmontagne, a journalist who has been covering cyber news for twenty years, says it is hard to believe governments, in Russia or anywhere else, could resist calling on the expert services of domestic firms with access to customer data from around the world.

It is “more than plausible” that Kaspersky Lab hands over its clients’ data to the Russian government, he said. “But we should look at ourselves in the mirror. Because … the Americans are at it, the British, the French, everyone is spying on each other.”

There’s nothing new or extraordinary about firms working with their respective governments, Carr said.“Everyone wants to support their own government’s goals and policies, and will do what they’ve been contracted to do.”

Can you trust foreign cyber security firms at all?

But to protect themselves against international attacks, governments and companies have little choice but to work with non-domestic cyber security providers.

“If governments and companies only use tools developed domestically, they will not acquire the best ones available to suit their particular needs,” said Grandmontagne.

Layered, complex threats are coming from outside the country, so the solutions need to as well.

Admiral Dominique Riban, second in command of the French Government’s IT security agency ANSSI, believes “you can trust Kaspersky on your personal computer. But if you’re working in an important industry, trust will need to be built up over time. And when it comes to national defence and classified information, there are times we won’t call on the services of a Russian or American firm, or any other nationality.”

“France doesn’t have friends in the cyber world. We have enemies, and we have allies,” he said.