Kaspersky relocates

Russian cybersecurity firm Kaspersky has announced that it will open a Swiss data centre to increase transparency. Kaspersky, which has come under increasing scrutiny as multiple government departments have banned its use, has denied that it has ties to the Kremlin.

Background

Kaspersky is a Russian multinational cybersecurity and anti-virus provider headquartered in Moscow. It is one of largest cybersecurity companies in the world. The software is used by civilians and governments across the globe. It boasts over 400 million users and much of its market is in Europe. The company was founded in 1997 by Eugene Kaspersky, who also serves as CEO. Eugene Kaspersky studied at a KGB cryptography institute, served in the Soviet military and is one of the most powerful businessmen in Moscow. 

Kaspersky has seen an increasing amount of suspicion from western nations. US intelligence in particular has been sceptical of Kaspersky. Last year, the US Department of Homeland Security ordered all government agencies and departments in the country to stop using Kaspersky. “The risk that the Russian government, whether acting on its own or in collaboration with Kaspersky, could capitalize on access provided by Kaspersky products to compromise federal information and information systems directly implicates US national security,” a statement read. In January 2018, the US Treasury Department included Eugene Kaspersky on its "Kremlin report" of elite Russian officials and oligarchs who could face sanctions.

The UK’s National Cyber Security Centre has warned its government departments to stop using Kaspersky on official systems. "Given we assess the Russians do cyber-attacks against the UK for reasons of state, we believe some UK government and critical national systems are at increased risk" said NCSC’s technical director Ian Levy.

In recent years, Western democracies have accused Russia of conducting covert operations to influence domestic functioning. The consensus among the intelligence agencies in the US is that Russia conducted an ‘influence’ campaign to harm Hillary Clinton’s presidential bid. The UK government has accused Russia of hacking elections and it has been implicated in the alleged hacks that took place during the French presidential elections. Additionally, both the UK and US have accused Russia of orchestrating the NotPetya cyber-attacks in 2017. Most recently, the United States and the UK have warned of a potential global cyber-attacks that might be conducted by the Russian government. Read more on this here.

Analysis

This week, the Dutch government said that it would soon stop using Kaspersky software due to the risk of "digital espionage and sabotage". "Russia has an active offensive cyber programme focusing on the Netherlands and vital Dutch interests," the Dutch Justice and Security ministry warned.

Kaspersky has repeatedly denied any links to the Russian government or its spy network. The cyber security firm stated, “The accusations of any inappropriate ties with the Russian government are based on false allegations and inaccurate assumptions.” In response to the recent statements by the Dutch, the organisation told Russian news service Sputnik,  “Kaspersky Lab is caught up in a geopolitical fight… no credible evidence of wrong-doing has been publically presented by anyone or any organization to justify such decisions. Kaspersky Lab has never helped, nor will help, any government in the world with its cyberespionage.”

Kaspersky has now noted that it is relocating a “good part” of its infrastructure to Zurich, Switzerland, including the “software assembly line” and servers that store and process Kaspersky Security Network data. These measures will allow the organisation’s software to be compiled under the supervision of a third-party organisation. Governments and “trusted partners” will reportedly be allowed to review source codes and tools linked to software development, threat detection databases, and cloud services at the new Transparency Center. Switzerland was chosen as a location for its “neutrality” and strong data protection legislation, the company said.

Kaspersky Lab founder, Eugene Kaspersky, has emphasised that “Internet balkanisation” and “reduced cooperation among countries” only benefits cybercriminals. “The world is changing and changing really fast. The world in which we worked two or three years ago is different,” said Anton Shingarev, vice-president of public affairs. “The company needs to address that. The allegations we faced are wrong and there is no evidence. Still the allegations are there. We need to show customers we are taking them seriously and address them.”

Counterpoint

It has been noted that even when the new centre opens, the headquarters in Moscow will still be able to review and access data. The primary change is that information requests will be logged and monitored by an independence Swiss organisation. Additionally, the very nature of antivirus software, which requires access to systems and networks in order to protect files, leaves users vulnerable to surveillance.

Ciaran Martin, chief executive of the NCSC, told the Financial Times that the UK would independently verify the changes before altering its stance on the software. Other agencies may do the same.

Assessment

Our assessment is that there has been increasing concern about offensive cyber capabilities in the global security and intelligence circuit. As stated previously, we believe that governments across the world have grown wary of the alleged threat of Russian spies working through Kaspersky. The company’s recent move is most likely an attempt to clear its name of accusations that it collaborates with the Russian government.