Clik here to view.
Kaspersky Lab chief Eugene Kaspersky has labelled the latest published claim, about his company's software being a means of exfiltrating NSA material from the computer of an agency employee, as "the script of a C[grade] movie".
In a long blog post, Eugene said the story, in The Wall Street Journal, was "sensationalist". He was contemptuous of the sourcing – "disclosed by anonymous sources (what a surprise)".
«No public evidence of collusion between Kaspersky & RU gov. The company has vehemently denied any such connection» https://t.co/T3Nd1McPnH pic.twitter.com/ZCmZ0LIX68
— Eugene Kaspersky (@e_kaspersky) 5 October 2017
He also mentioned the claim in the story that his company was aggressive in its methods of hunting for new malware.
The WSJ report claimed that Russian government hackers had obtained details of how the US breaks into networks of other countries and also how it defends itself, through the theft of material that was moved by an NSA contractor from his office machine to his home computer.
{loadposition sam08}That home machine was using Kaspersky Lab's anti-virus software and it was this that had been used for the process of exfiltrating of data, the story alleged.
Later in the story, a former NSA employee's quotes appeared to allege that Kaspersky's anti-virus software made copies of everything it found on a computer, adding that the software was "aggressive" in its malware hunting methods. All anti-virus software exhibits similar behaviour.
You expected him to apologize for his product detecting NSA's malware and reporting it? Or for idiots taking classified materials home?
— Vess (@VessOnSecurity) 5 October 2017
Eugene agreed with this characterisation, but said it was a positive.
"We absolutely and aggressively detect and clean malware infections no matter the source and we have been proudly doing it for 20 years," he said.
"This is the reason why we consistently get top ratings in independent, third-party malware detection tests. We make no apologies for being aggressive in the battle against malware and cyber criminals – you shouldn’t accept any less. Period."
Here's how Shadow Brokers described obtaining tools. https://t.co/86V7HvWnT7 pic.twitter.com/I01zTnzI2w
— emptywheel (@emptywheel) 5 October 2017
He questioned why, if Russian hackers had exploited a weakness in one of his products installed on a user's PC, and government agencies concerned with security knew about it, they did not inform his company to patch the bugs that had led to the exfiltration of data.
"We patch the most severe bugs in a matter of hours, so why not make the world a bit more secure by reporting the vulnerability to us? I can’t imagine an ethical justification for not doing so," he said.
In what appeared to be a reference to the Stuxnet virus — allegedly created by US and Israeli programmers to subvert Iran's nuclear programme — as well as the current claims, Eugene wrote:
"In the end, I can’t shake off a disturbing thought: that the security of millions could be compromised yet again at the snap of a finger of an insider and in spite of the greatest technologies and measures, by the oldest threat actor — a $5 USB stick and a misguided employee."
Stuxnet was discovered by Kaspersky Lab. It was infiltrated into the Iran nuclear labs through an USB drive as the lab was not connected to any external network.