Kaspersky ban undermines global fight to combat cyber threats: Experts

The US decision to completely ban the use of Kaspersky Lab, one of the world’s leading anti-virus software, is rooted in geopolitics rather than protecting consumers’ interests, experts tell TRT World.

President Joe Biden’s administration announced on June 20 that the software giant owned by Russian tech executive Eugene Kaspersky will no longer be able to sell its products and services, including vital software updates, to American customers.

Authorities have encouraged consumers to switch to alternatives before September 29, which stands to benefit Kaspersky rivals like McAfee.

The official statement of the US Department of Commerce that announced the ban did not cite any specific reasons or instances of sabotage that prompted the unprecedented measure. Instead, it only said that Kaspersky poses ‘risks’ to US national security.

“This is more of a geopolitical move than protecting the consumers. If they wanted Kaspersky to continue with its business, the US had the mechanism to keep a check on the company,” says David Glance, the director of the University of Western Australia’s (UWA) Centre for Software Practice.

“They could have asked to verify Kaspersky’s code or insisted that customers’ data be held at centres in other countries. Kaspersky is already storing some customer data in Switzerland.”

Kaspersky says its software is used by more than a billion devices and that it has over 220,000 corporate clients. The company is headquartered in Russia but has offices in other countries.

In 2020, data from its customers in the US, Europe, Canada, Australia, India, Pakistan, Japan, and other countries was shifted to facilities in Zurich.

Any suspicious files found on the computers of Kaspersky users are uploaded for analysis at processing centres in Zurich rather than in Russia.

In recent years, Kaspersky has attempted to distance itself from Moscow.

The company was prompted to transfer the data to Zurich after former US President Donald Trump’s administration in 2017 decided to prohibit government agencies and officials from using the software. However, Kaspersky continued to serve individuals and companies in the US.

It created transparency centres, including one in Istanbul, where governments can review the company’s software code and allow third-party assessments of its inner workings.

However, says Glance, none of these measures matter to security hawks in the US, which has imposed similar unilateral curbs on Chinese tech firms Huawei and TikTok.

The US has imposed a broad range of economic sanctions on Russia since the Ukraine war broke out in February 2022. Washington is also spending tens of billions of dollars to arm the Ukrainians.

A security override

For several years, news articles have appeared in the US media, raising concerns about Eugene Kaspersky’s ties with the Russian state.

In the 1980s, Eugene studied at the Moscow-based Institute of Cryptography, Telecommunications, and Computer Science, which was administered by the KGB, the former Soviet Union’s secret service.

His past is often cited as evidence of his connection with the Russian security apparatus. This is reminiscent of the criticism against Huawei’s founder, Ren Zhengfei, who once worked as an engineer for the Chinese military.

While the companies have faced censure, no concrete evidence has ever surfaced showing that Kaspersky and Huawei products have been used to spy on people.

“In the best of worlds, an action against Kaspersky would have merited some solid evidence. But states now are saying ‘we would rather be safe than be sorry’,” says Olav Lysne, a Norway-based computer scientist and author of The Huawei and Snowden Questions.

At the same time, Russia has been a source of cyberattacks against European institutions since Moscow illegally annexed Ukraine's Crimea in 2014 in a move that hasn't been recognised by most of the world's nations.

Lysne says these cyberattacks were carried out by entities affiliated with the Russian state. In 2020, the emails of Norwegian parliament officials were hacked, and Oslo blamed Moscow for it.

Hackers based in Russia have also been accused of carrying out attacks against Ukraine’s electricity infrastructure and interfering in the US elections.

In a statement, Kaspersky said the US decision was based on “present geopolitical climate and theoretical concerns” and that it was taking a legal course.

“Kaspersky provides industry-leading products and services to customers around the world to protect them from all types of cyber threats, and has repeatedly demonstrated its independence from any government,” the statement said.

While it’s unlikely that Kaspersky as a private company will jeopardise its $750 million business by passing on customer information to the Russian government, what remains unclear is its capacity to resist Moscow.

“If you ask the business-oriented people within Kaspersky, of course, they will not get anywhere close to a situation where any government would be able to coerce them into this,” says Lysne.

“The question remains: is it possible for the Russian government to coerce Kaspersky into doing this?

“Frankly, I do not know.”

Hacked into pieces

For Olav Lysne, the Kaspersky episode resonates on a personal level.

His oldest daughter was born in 1991, right after the Berlin Wall came down. The Cold War had ended, and the world was embracing globalisation. McDonald's opened restaurants in Russia, and within a few years, millions of Americans began using Kaspersky antivirus software. Transnational cooperation and trade flourished.

A month ago, Lysne’s granddaughter was born into a different world where states are putting up barriers to trade and information sharing.

“This is immensely sad.”

Europe and American allies in the NATO alliance would probably follow suit in banning Kaspersky, he says.

As a technologist, Lysne has closely studied how backdoors can be installed in different IT products to hack electronic systems.

Years of work have made him realise that it is almost impossible to find backdoors or hidden traps in modern electronic gadgets, which are made up of millions of very tiny components.

“We cannot investigate it to the bottom, meaning that we're left with trust. We must ask ourselves whether we trust the people who make the products and services,” says Lysne.

Trust in the integrity of electronic hardware and its software has helped companies serve customers across jurisdictions.

With the US ban on Kaspersky, customers outside of America might start to question the credibility of the antivirus software. This will badly limit the collaboration that cybersecurity firms have relied on to fight computer malware and viruses, says UWA’s Glance.

“Besides the antivirus software that they sell, Kaspersky has been an active member of the global cybersecurity community, analysing, identifying and telling the world about malware and online threats.”

Kaspersky was among the first companies to identify the WannaCry ransomware attack in 2017, he says. “From a security perspective, the ban makes the world less safe.”

The ban on the Russian cybersecurity giant comes at a time of creeping protectionism where governments support homegrown firms over foreign rivals.

McAfee, the American antivirus provider, offers Kaspersky customers a discount if they switch to its software.

“My argument is if the Americans are busy shutting down all of the opponents, then who's gonna protect us from the Americans? So I think it's always wise to have a few options,” says Glance.