Kaspersky CEO: USA's angreb på firmaet skyldes at firmaet fandt noget USA ikke kunne lide

Det russiske cybersikkerhedsfirma Kaspersky Lab er blevet offer for en heksejagt i USA, blot fordi det gjorde sit arbejde godt, siger firmaets CEO, Eugene Kaspersky. Han tilføjer ,at firmaet muligvis er snublet over noget hemmeligt USA forretning.

Hele situationen omkring USA's forbud mod brug af Kaspersky Lav antivirus produkter i statskontorer (federal agencies) "ser meget mærkeligt ud" fortalte Kaspersky Tysklands avis, Die Zeit (på engelsk), idet han tilføjdede, at hele problemet manglede belæg. "Det er mere en storm i et glas vand, end det er virkelig handling," sagde han.

Kaspersky forklarede så, at USA's autoriteter har beordret alle regeringskontorer til at fjerne firmaets software fra deres computerr, selv om "vi næsten ikke havde nogen installationer der" Med det meget begrænsede behov for sådanne manøvre, prøvede de tilsyneadende at skade firmaets rygte.

"Det lader til, at vi blot gør vores arbejde bedre end andre, og at dette har skuffet nogle, sagde Kaspersky om motiverne bag USA regerings beslutning. "Det lader til, at vi har opdaget noget ukendt eller sandsynligvis meget velkendt malware, som så skuffer nogle i USA."

På samme tid understreger han, at firmaet ikke samler "nogen form for sensitive personlige data," for slet ikke at tale om klassificerede dokumenter, idet han tilføjede, at de eneste data, som Kaspersky Lab søger, er "nye typer malware, ukendte eller mistænkelige apps."


The Russian cybersecurity company was indeed accused by the US media of using its software to collect the NSA technology for the Russian government - something that Kaspersky Lab vehemently denied.

According to US media reports in October 2017, an employee from the National Security Agency (NSA) elite hacking unit lost some of the agency's espionage tools after storing them on his home computer in 2015. The media jumped to blame Kaspersky Lab and the Kremlin.

Following the reports, the company conducted an internal investigation and stumbled upon an incident dating back to 2014. At the time, Kaspersky Lab was investigating the activities of the Equation Group - a powerful group of hackers that later was identified as an arm of the NSA.

As part of Kaspersky's investigation, it analyzed information received from a computer of an unidentified user, who is alleged to be the security service employee in question. It turned out that the user installed pirated software containing Equation malware, then "scanned the computer multiple times," which resulted in antivirus software detecting suspicious files, including a 7z archive.

"The archive itself was detected as malicious and submitted to Kaspersky Lab for analysis, where it was processed by one of the analysts. Upon processing, the archive was found to contain multiple malware samples and source code for what appeared to be Equation malware," the company's October statement explained.

The analyst then reported the matter directly to Eugene Kaspersky, who ordered the company's copy of the code to be destroyed.

On Thursday, Kaspersky Lab issued another statement concerning this incident following a more extensive investigation. The results of the investigation showed that the computer in question was infected with several types of malware in addition to the one created by Equation. Some of this malware provided access to the data on this computer to an "unknown number of third parties."

In particular, the computer was infected with backdoor malware called Mokes, which is also known as Smoke Bot and Smoke Loader. It is operated by an organization called Zhou Lou, based in China.

Kaspersky Lab, a world leader in cybersecurity founded in Moscow in 1997, has been under pressure in the US for years. It repeatedly faced allegations of ties to the Kremlin, though no smoking gun has ever been produced.

In July, Kaspersky offered to hand over source code for his software to the US government, but wasn't taken up on the offer. In October, the cybersecurity company pledged to reveal its code to independent experts as part of an unprecedented Global Transparency Initiative aimed at staving off US accusations.

Kaspersky has been swept up in the ongoing anti-Russian hysteria in the US, which centers on the unproven allegations of Russian meddling in the 2016 presidential elections. In September, the US government banned federal agencies from using Kaspersky Lab antivirus products, citing concerns that it could jeopardize national security and claiming the company might have links to the Kremlin. Eugene Kaspersky denounced the move as "baseless paranoia at best."

Even as Kaspersky Lab is offering its cooperation to US authorities, on Thursday, WikiLeaks published source code for the CIA hacking tool "Hive," which was used by US intelligence agencies to imitate the Kaspersky Lab code and leave behind false digital fingerprints.

The US might be targeting Kaspersky Lab in its witch hunt because the company might be able to disprove American allegations against Russia, experts told RT. "We have Kaspersky saying, 'We can do this. We can prove some of these hacks are not Russian, they are American,' when it comes to the presidential elections. And so they needed to discredit them," former MI5 analyst Annie Machon said.

The campaign against the Russian cybersecurity firm could go back as early as to 2010, when Kaspersky Lab revealed the origin of the Stuxnet virus that hit Iran's nuclear centrifuges, she told RT. Back then, Kaspersky Lab stated that "this type of attack could only be conducted with nation-state support and backing." Nobody claimed responsibility for the creation of the malware that targeted Iran. However, it is widely believed that the US and Israeli intelligence agencies were behind Stuxnet.