Kaspersky Lab Hits Back Against Allegations Of Russian Ties, Releases Internal Investigation Report

Kaspersky Lab Thursday released the results of an internal investigation as the Moscow-based security company aims to defend itself against having alleged ties to the Russian government.

In early October, a Wall Street Journal report alleged that Kaspersky Lab uploaded National Security Agency files from an employee’s computer in 2015 – but the company in its report said that it did not do so as a result of collusion with Russia, but instead as part of an investigation into malicious code on the machine.

According to Kaspersky Lab's report, the company said that its servers received confidential NSA materials from a computer – but the incident occurred in 2014, not 2015.

[Related: CRN Exclusive: Scale Computing Leads The Edge Charge With First Hyper-Converged System Built For Edge Computing]

Sponsored post

Kaspersky Lab also said that its download of the confidential files on the computer was not a result of collusion with Russia, but instead an investigation of malicious code on the computer from an NSA-linked hacking group called the Equation Group.

In September 2014, according Kaspersky Lab, one of its security products deployed on a home computer reported variants of the malware used by the Equation Group. The user of the computer disabled Kaspersky Lab's anti-virus tool and downloaded pirated software infected with another form of malware, before re-activating the company's product, according to the company.

The file containing malware was sent back to Kaspersky Lab and CEO Eugene Kaspersky then ordered that the classified data be deleted from the computer, the company said in its report.

’The reason Kaspersky Lab deleted those files and will delete similar ones in the future is two-fold: First, it needs only malware binaries to improve protection and, secondly, it has concerns regarding the handling of potentially classified material,’ the company said in the report.

Kaspersky Lab stressed that its investigation did not reveal similar incidents in 2015, 2016 or 2017.

’The software performed as expected and notified our analysts of alerts on signatures written to detect an Equation Group malware that was actively under investigation. In no way was the software used outside of this scope to either pull back additional files that did not fire on a malware signature or were not part of the archive that fired on these signatures,’ the company said in the report.

Even before The Wall Street Journal report, Kaspersky Lab, which has North American headquarters in Woburn, Mass., has faced an array of other allegations over the past few months.

The allegations have led to months of pushback against the security vendor’s alleged ties to the Russian government, including being removed from the GSA Schedule in July.

One partner, who wished to remain anonymous, said that Kaspersky Lab was once ’an easy sell’ for customers – but over the past month, both SMB and larger enterprise customers are looking at other options.

’We support the product and the company, but if customers can’t be convinced to buy Kaspersky then ultimately we’ll have to turn the other way,’ he said.

The partner said the biggest issue Kaspersky Lab is facing is public perception – but the new internal investigation may sway customers who have been exploring other options.

’Our stance on it is that there hasn’t been a lot of hard proof that Kaspersky has done anything wrong,’ said the partner. ’As a partner we’ve gotten emails from them saying it’s unfounded and thanking us for our support … but one thing we haven’t seen is them trying to convince the public, and that’s where they need to focus their efforts, so I hope this helps.’