Russian antivirus firm Kaspersky Lab has been in the news a lot lately, and not in a good way. The U.S. Congress may ban Kaspersky products from the Pentagon. The federal bureaucracy has removed Kaspersky Lab from its list of approved vendors. And FBI agents have interviewed some of Kaspersky's U.S. employees at their homes.
Eugene Kaspersky in Tokyo with his company's Japanese mascot. Credit: Eugene Kaspersky
All this has happened mainly because Kaspersky Lab and its CEO and co-founder, Eugene Kaspersky, are perceived as being close to the Kremlin. Reports in major Western news outlets have alleged strong ties between Kaspersky Lab and the Russian security services, though there's not much of a smoking gun.
Eugene Kaspersky has fired back, insisting that his company is free from government interference. He's even offered to show the U.S. government the source code of his company's products. So far, the pushback isn't working.
I don't know how close Kaspersky Lab is to the Kremlin. I've met Eugene Kaspersky a few times, and I think he talks too much to make a good spy. But I do know one thing for sure: Kaspersky antivirus software is excellent, and unless you're running a nuclear power plant, designing a jet fighter or operating the New York Stock Exchange, it should be safe to use.
Let me state right off the bat that I am not a Russian apologist. The evidence is overwhelming that the Russian government influenced the 2016 U.S. presidential election through propaganda and selective disclosure of stolen information. Cybersecurity experts were aware of Russian electoral machinations in March of 2016, before the GOP primary process was even finished.
But there's no evidence Kaspersky Lab had anything to do with that. What is clear is that Kaspersky has a terrific team of researchers looking into malware and cyberespionage, and they freely and actively share what they discover.
The company has not one, but three cybersecurity blogs that I read every day: the general Kaspersky blog, the technical but informative Securelist blog and the excellent but less technical Threatpost news site.
Yes, Kaspersky has uncovered cyberespionage campaigns conducted by U.S. intelligence agencies, most notably the Flame spyware platform. (Contrary to widespread belief, Kaspersky did not discover the Israeli-NSA Stuxnet worm.) But Kaspersky has also uncovered Russian cyberespionage efforts, such as the Red October campaign.
More recently, Kaspersky Lab did some of the most important work in analyzing the Petya/ExPetr ransomware worm that hit Europe in late June. Kaspersky was the first major cybersecurity company to state that this worm was actually a cyberweapon disguised as ransomware — and the evidence pointed to Petya being part of a Russian attack against Ukraine. (Kaspersky Lab has a policy of not explicitly attributing state-sponsored malware campaigns to any particular state, but it's usually not hard to read between the lines.)
Nevertheless, it's true that Kaspersky Lab couldn't have become such a successful Russian company, and Eugene Kaspersky a billionaire, without approval, both official and unofficial, from the Russian government, which likes to hold the reins on rich businesspeople. It's also true that Eugene Kaspersky was trained by the KGB's signals-intelligence division during the last years of the Cold War. Years ago, the company even touted that fact on the packaging of Kaspersky products.
The company admits that it works with the FSB, Russia's domestic-intelligence agency, when called upon. Kaspersky Lab got the government contract to secure the communications and computer systems at the 2014 Winter Olympics in Sochi, Russia. News reports have alleged that former Russian military and intelligence officials have been placed in sensitive jobs within the company. In January 2017, Russian authorities arrested a Kaspersky manager along with two active FSB officers. All were charged with treason.
But that doesn't make Kaspersky Lab an arm of the Kremlin, any more than top American information-security firms are arms of the U.S. government. (Many top American cybersecurity analysts have worked for the NSA, and there are rumors that the U.S. government places people high up in American telecommunications companies.) And Kaspersky itself insists that it can't favor one government over another, lest it lose customers worldwide.
Unfortunately, the company may lose customers anyway. Much as Edward Snowden's revelations caused many people around the world to lose faith in U.S. software products, justifiably or not, so too the Russian election-hacking campaign may cause Americans to suspect Russian software — and Kaspersky is by far the biggest and best-known Russian software company.
So is Kaspersky software safe to use? It's probably not a good idea for any U.S. defense contractor, federal agency or critical-infrastructure operator to use antivirus software from a potential adversary country. That includes not only Russian companies like Kaspersky and Dr.Web, but also Chinese ones such as Qihoo 360.
But private citizens need not worry that Kaspersky software will open up their computers to Russian hackers. If that were the case, it would have been found out already. What customers need to know is that Kaspersky antivirus software is really good — and will do a great job keeping out real threats instead of merely speculative ones.