Fearing U.S. Sanctions, Kaspersky Moves User Data Out of Russia

Beleaguered Russian antivirus maker Kaspersky Lab is moving many of its servers and software-development operations from Moscow to Switzerland in an effort to win back the trust of Western customers — and especially Western governments.

The future location of many Kaspersky Lab operations and servers. Credit: Canadastock/Shutterstock

(Image credit: The future location of many Kaspersky Lab operations and servers. Credit: Canadastock/Shutterstock)

"We are relocating a good part of our infrastructure to Zurich, Switzerland, including the 'software assembly line' and servers that store and process Kaspersky Security Network data, and creating our very first Transparency Center," the company announced in a blog posting today (May 15).

The company's surprise announcement followed some bad news, and some not-so-bad news, for Kaspersky Lab. Yesterday (May 14), the Dutch government said it would purge Kaspersky software from its systems. But later yesterday, the Washington-based news site CyberScoop reported that some U.S. government officials were backing off from the idea of imposing punitive sanctions on Kaspersky Lab.

MORE: Best Antivirus Software and Apps

Kaspersky said it was also "moving the servers that process and store Kaspersky Security Network information for users located in Europe, North America, Australia, Japan, South Korea, and Singapore."

Like the software-development facility, the servers would be open to inspection and review by an unnamed third-party organization.

Western governments worry that Kaspersky Lab is a Kremlin tool. The U.S. and British governments have stopped using it; Best Buy and OfficeMax stores pulled Kaspersky products from their shelves last year. Even Twitter stopped taking Kaspersky ads last month.

Kaspersky Lab is trying to counter the negative publicity with a charm offensive. It's making its antivirus software's code available to any "responsible stakeholders" who ask, and the company is trying to disclose as much about its internal operations as possible. 

Kaspersky's self-proclaimed Global Transparency Initiative isn't winning over anyone in Washington, though. Last month, CyberScoop reported that the company might be included in a rumored broad round of punitive sanctions against Russian government entities.

Yesterday's CyberScoop story specified that the Kaspersky-sanctioning idea came from within the White House's National Security Council, recently taken over by the legendarily hard-line diplomat John R. Bolton. But the story also suggested that some officials were worried that sanctions could create a blowback against American companies overseas.

"What's stopping China from punishing Apple if they found out they were conforming to a National Security Letter or something?" an unnamed source told CyberScoop, referring to a super-secret demand for information by U.S. law-enforcement and intelligence agencies.

Another source said punitive sanctions "would be a bullet in the head for Kaspersky."

"It would kill their business not just here but pretty much anywhere that enjoys the benefits of using the U.S. banking system," the source added. "This could have a reverberating impact that comes back to hurt us."

CyberScoop's sources said they all still agreed with keeping Kaspersky software out of U.S. government systems.

Defense and other federal contractors have been told that they must get rid of Kaspersky software as well. However, some U.S. government officials have told private-sector companies to stop using Kaspersky software, without publicly disclosing why.

The understandable fear is that Kaspersky Lab could easily become, or may already be, an espionage vehicle for one or more of Russia's competing intelligence agencies. By law, Russian firms have to comply with Kremlin requests, and Kaspersky Lab has worked closely with the Kremlin in both tracking down cybercriminals, and running cybersecurity operations at the 2014 Winter Olympics in Sochi, Russia.

That certainly makes it justifiable for American government agencies and defense contractors to stop using Kaspersky software, the presence of which would create an "unacceptable risk" in defense/intelligence parlance.

But U.S. officials have never fully explained why Kaspersky products might be a threat to the public at large. Leaks to major American newspapers in 2017 tried to establish that Kaspersky software was actively transmitting private data about U.S. computer systems back to Russia, and that Russian intelligence had access to Kaspersky servers. But the stories didn't quite hold water when examined closely.

These aggressive U.S. moves against Kaspersky products mirror those against Chinese telecom providers Huawei and ZTE, which U.S. national-security officials regard as espionage tools of the Chinese military. Under U.S. government pressure, Verizon and AT&T earlier this year abruptly canceled deals to sell Huawei smartphones.

ZTE also sold equipment to Iran and allegedly tried to cover up the sales, which led the U.S. government last month to ban U.S. companies, such as Qualcomm, from supplying crucial components to ZTE.

As a result of the ban, ZTE appeared to be on the verge of collapse until U.S. President Donald Trump had a change of heart this past weekend and said he'd work with the Chinese government to save the company.

We here at Tom's Guide still think Kaspersky antivirus software is excellent. We had a chance to attend a recent meeting between Kaspersky executives and members of the press in San Francisco, and we can report that the company's Global Transparency Initiative appears to be both sincere and expensive.

We don’t know whether company co-founder and namesake Eugene Kaspersky really did work for the KGB, or how much the company cooperates with Russian intelligence services. But we can tell you that Kaspersky researchers and products are well-respected among information-security experts. Until the company's adversaries disclose more information, we see no reason why anyone who's not tied to national-security matters should stop using Kaspersky software.

Paul Wagenseil

Paul Wagenseil is a senior editor at Tom's Guide focused on security and privacy. He has also been a dishwasher, fry cook, long-haul driver, code monkey and video editor. He's been rooting around in the information-security space for more than 15 years at FoxNews.com, SecurityNewsDaily, TechNewsDaily and Tom's Guide, has presented talks at the ShmooCon, DerbyCon and BSides Las Vegas hacker conferences, shown up in random TV news spots and even moderated a panel discussion at the CEDIA home-technology conference. You can follow his rants on Twitter at @snd_wagenseil.