Cybersecurity expert Eugene Kaspersky has offered to hand over his global company’s code to US authorities as he fights to clear his company of claims of cyber espionage.
Several US authorities reportedly have stopped using Kaspersky Lab security software whose use is under review following claims that Russia could use coding “backdoors” to spy on US agencies.
Mr Kaspersky says no one has offered any evidence to support the claim which was totally unfounded. He has offered to testify in the US and says he is willing to hand over code to authorities so that his software can be scrutinised.
Mr Kaspersky is a keynote speaker at the CeBIT Australia business technology fair in Sydney and took time out to discuss the case with The Australian.
He said it would be “suicide” for Kaspersky Lab to help any country by planting vulnerabilities in security software used by US government agencies. “It’s suicide. It would not only kill the business, but you’d have to save your life somewhere in a jungle, in the Amazon River or in Siberia,” he told The Australian.
“It is not true.” Not only would he give evidence, but he would “give them the source code for checking”, he said.
“When we have government contracts, in some cases we’re asked to disclose our technologies. And we do it.”
Mr Kaspersky hit back at a claim that some employees were corrupt and could be Russian spies compromising his software.
“We do have former employees from the Russian defence, from the European defence, from the Israeli defence and from different countries. The people are coming to get a job and they are good guys. They’re not working on defence anymore.
“I don’t have any case of an employee doing something like that.”
“And it’s not possible to inject the code because people are watching.”
When asked if the claims were the result of paranoia, or a smear campaign, Mr Kaspersky said: “I don’t know exactly, but sometimes it smells like some guys are not happy with our success.”
At the State level, the US intelligence community has accused Russia of launching massive cyber attacks to undermine Hillary Clinton’s campaign in last year’s US presidential election.
Mr Kaspersky acknowledged that cyber crime is a very profitable activity in Russia.
“Russia is very rich in computer talent, thanks to the Russian education system,” Mr Kaspersky said. “Russia has many companies that are working in IT. Mostly their work is outsourced, they’re working for Western companies such as United States.
“Unfortunately some of them become criminals. It’s like a broken mind. You’re well educated but you look for some tricky way to earn your money. Unfortunately cybercrime is a very profitable business and many of them are millionaires.”
But he said Russia wasn’t the major source of cyber criminals.
“We have cyber crime in every nation. The most cybercrime comes from Chinese speaking (regions). Then there’s Spanish and Portuguese, and then Russian. But if you’re speaking about very professional cybercrime, the most sophisticated speak Russian.
“They’re from Russia, from Ukraine, from Kazakhstan, the Baltic countries and from Silicon Valley.”
He said international agreements and co-operation between police services across the globe was the only way to fight cybercrime.
He said he didn’t expect variants of last week’s WannaCry cyber attack to be as devastating in future. “Most customers have fixed the problem. The computers that were affected, most of them now are patched. And second, the security vendors who missed that, they have fixed the products. So most of the computers are now protected.
“So the next generations of this malware will affect less and less computers until it disappears completely.”
But he expected attacks against large industrial systems to increase. And the increasing number of devices attached to networks as part of the Internet of Things meant more vulnerabilities.
“The worst case scenario is attacks on infrastructure, the power grid … and health care services.”
He said there was no doubt many of the cyber attacks in the world were state-sponsored. “With espionage, with state-sponsored attacks, we see the tools, but we don’t know how many victims there are.
“With the tools are mostly in native English, native English, operating in the Atlantic time zone, Native Russian active in the eastern time zone, and simplified Chinese. They are the three major sources of sponsored attacks, But I cannot point a finger at (an individual) country.
“And then, German, French, Spanish, Arabic, Korean and many others.”
He said the increased tension in the world was likely result in increased cyber attacks “but I hope that we never see cyber wars. I’m afraid about terrorist (cyber) attacks — cyber sabotage”.
Mr Kaspersky was educated at a KGB facility in the 1980s and served as a software engineer with Soviet military intelligence but has worked in the private sector since 1991. Mr Kaspersky, his wife and two other partners founded Kaspersky Lab in 1997.
Mr Kaspersky said he didn’t trust biometric authentication with the 3D printers of the future likely to undermine it as a form of authentication.
Reader comments on this site are moderated before publication to promote lively and civil debate. We encourage your comments but submitting one does not guarantee publication. We publish hundreds of comments daily, and if a comment is rejected it is likely because it does not meet with our comment guidelines, which you can read here. No correspondence will be entered into if a comment is declined.
