US's Kaspersky ban 'opens door to cybercrime'
Eugene Kaspersky, founder of the Russian cybersecurity firm whose anti-virus software was banned in US government departments, has warned that such protectionism will have a "boomerang effect" as criminals exploit foreign policy tensions.
"Such measures force cybersecurity vendors to work in restricted markets, while cybercriminals can act globally," he said in an interview with Business Times this week.
"Only the criminals benefit from that. We work in an industry that depends greatly on co-operation among private vendors, law enforcement agencies and government bodies all around the world. Cybercriminals aren't waiting for foreign policy tension to die down. They're simply exploiting this lack of co-operation to hit us all harder."
Kaspersky Lab, Russia's leading cybersecurity firm, is ranked fourth in the world in revenue among anti-virus firms. It was banned for use in the federal government by US President Donald Trump in 2017. The move followed the US department of homeland security banning the software for all federal agencies.
The department said it was "concerned about the ties between certain Kaspersky officials and Russian intelligence and other government agencies, and requirements under Russian law that allow Russian intelligence agencies to request or compel assistance from Kaspersky and to intercept communications transiting Russian networks". The risk was that the Russian government, on its own or with Kaspersky Lab, could compromise federal information systems, harming US national security.
The company's CEO denied any such potential threat to the US, and no evidence has been offered to back up the claims.
In response, however, Kaspersky Lab launched a Global Transparency Initiative, to provide assurance of the trustworthiness of its products. It followed with the opening of a "transparency centre" in Switzerland last November, to allow clients and governments to scrutinise its software in a neutral environment. A data centre launched in Switzerland at the same time allowed for client communications to avoid Russian "airspace". Last week it announced a second transparency centre in Madrid.
"The transparency centre and data centre in Zurich represented only a first step in this direction," said Kaspersky. "It's a gesture to anyone and everyone: we've nothing to hide, and if you don't believe me - come and see for yourself, and that includes even our source code."
However, he had no intention of moving his company's headquarters out of Moscow.
Good Soviet education
"The lion's share of our research and development people are based in Moscow. Simply because Russia still has the best software engineers, thanks to the legacy of really good Soviet technical education," he said.
In August last year, Trump signed a bill banning the use of equipment from Chinese communications technology firms Huawei and ZTE by the US government and government contractors. His administration cited national security, warning that such hardware potentially provided a back door for the Chinese government to access US networks.
In the past year, Kaspersky Lab saw a revenue drop in only two regions: North America and Latin America. "Our financial results for 2018 show that the geopolitical storm we were caught up in did have its consequences for us in the North American market: we suffered a 25% drop in sales in the US. Nevertheless, the market is constantly developing and continues to show bright spots, especially in online sales," Kaspersky said.
"And the North American drop didn't stop us from showing 4% revenue growth globally, which goes to show that our customers can read between the lines and separate facts from fiction."
The slowdown in Latin America, Kaspersky said, was largely due to currency fluctuations. "The Middle East, Turkey and Africa region grew best, at 27%."
Kaspersky Lab has a strong presence in SA. Commenting on the dangers of the mass adoption of mobile technology, Kaspersky said: "For SA, our recent Kaspersky Security Network statistics showed a 65% increase in phishing attacks and a 64% increase in ransomware attacks, which indicate a growing interest in such cybercriminal methods." This is based on data the company released for 2018.
"Africa is a unique continent where digitalisation is spreading at a very fast pace. The continent skipped the landline and went straight to the mobile economy; this mobile adoption obviously brings online dangers with it. We see a need for increased cyber-awareness to keep up with the ongoing digital economy."