Kaspersky to Open Security Code, But Will it Restore Trust?
In September, the U.S. government barred federal agencies from using Kaspersky’s anti-virus products because of concerns about its ties to the Kremlin and Russian spy operations. News reports have since linked Kaspersky software to an alleged theft of cybersecurity information from the U.S. National Security Agency.
Kaspersky Says it Obtained Suspected NSA Hacking Code From U.S. Computer (Image: REUTERS/Sergei Karpukhin)
Moscow-based cyber security firm Kaspersky Lab, battered by suspicion of Russian government influence, wants to reassure customers by opening up its software’s underlying code for outside review. But security experts and some U.S. politicians say the move is mostly meaningless. In September, the U.S. government barred federal agencies from using Kaspersky’s anti-virus products because of concerns about its ties to the Kremlin and Russian spy operations. News reports have since linked Kaspersky software to an alleged theft of cybersecurity information from the U.S. National Security Agency. The company has repeatedly denied the allegations and says it’s been dragged into the middle of a “geopolitical fight.”
Now Kaspersky says it will provide the source code of its software — including software updates and threat-detection rules updates — for independent review and assessment. Outside experts, however, say such a review can only reveal so much, and thus would do little to address concerns of customers and the U.S. government. “They’re trying to salvage their reputation,” said Blake Darche, a former NSA worker who is now the chief security officer for security firm Area 1. “I don’t see how it addresses the allegations against them in any meaningful way.” “This review is a red herring that doesn’t address any of the fundamental underlying concerns with Kaspersky products, most significantly, that Russian law enables the Kremlin to monitor data transmissions, including Kaspersky’s,” U.S. Sen. Jeanne Shaheen, a New Hampshire Democrat and regular Kaspersky critic, said in a statement Monday.
The suspicion has taken a toll on Kaspersky. Shortly after the federal ban, retailers such as Best Buy and Office Depot also stopped selling its consumer security software. Then news broke in early October that hackers allegedly working for the Kremlin used Kaspersky’s software to steal information from a National Security Agency contractor about how the U.S. infiltrates foreign networks and defends against cyber attacks. The company denied involvement. CEO Eugene Kaspersky said on Twitter on Monday that’s he’s evaluating contractors who can conduct an independent code review. By 2020, the company says it plans to open three centers in Europe, Asia and the United States where it says customers, government agencies and concerned organizations will also be able to review its code.
Security researcher Chris Wysopal said he welcomed multiple, independent reviewers, but cautioned that such analyses can provide only a snapshot of how the software works at a given moment in time. Like phone apps and other programs, security software is frequently updated. “Even with this transparency, there’s still a level of trust you have to give the company,” said Wysopal, the chief technology officer of Vericode, a part of CA Technologies. “But this is a world we live in. There’s a supply chain. We live in a world of dynamic software, constantly updating.”
Don't Miss: Tech And Auto Show | EP17 | Xiaomi Mi Mix 2, Maruti Suzuki S-Cross & More
Get the best of News18 delivered to your inbox - subscribe to News18 Daybreak. Follow News18.com on Twitter, Instagram, Facebook, TikTok and on YouTube, and stay in the know with what's happening in the world around you – in real time.
Subscribe to Moneycontrol Pro and gain access to curated markets data, trading recommendations, equity analysis, investment ideas, insights from market gurus and much more. Get Moneycontrol PRO for 1 year at price of 3 months. Use code FREEDOM.
Recommended For You
- Having Multiple Husbands May Be a 'Wise Strategy' For Women, Claims Study
- How Dare Someone Constantly Make Us Soft Targets: Karan Johar Reacts Angrily to Drug Party Claims
- Jio Effect: Hathway 100Mbps Plan Priced at Rs 699, Play Box Android TV Box Available at Rs 899
- Anushka Sharma's Gorgeous 'Sun-kissed' Pic Gets Most Romantic Comment from Virat Kohli
- Labuschagne Replaces Smith to Become First Like-for-like Substitution in Cricket