Russian cyber security firm Kaspersky Lab said on Wednesday it had fallen victim to geopolitical sparring between Russia and the United States, and responded to "inaccurate statements" published in a Bloomberg Businessweek article earlier this week.
The Trump administration on Tuesday removed Moscow-based Kaspersky Lab from two lists of approved vendors used by government agencies to purchase technology equipment, amid concerns its products could be used by the Kremlin to gain entry into U.S. networks.
Reffering to the recent article, Kaspersky Lab said that the
facts were "misconstrued to fit in with a hypothetical, false theory," adding that "Kaspersky Lab, and its executives, do not have inappropriate ties with any government," although
it does "regularly work with governments and law enforcement agencies around the world with the sole purpose of fighting cybercrime."
"In the internal communications referenced within the recent article, the facts are once again either being misinterpreted or manipulated to fit the agenda of certain individuals desperately wanting there to be inappropriate ties between the company, its CEO and the Russian government, but no matter what communication they claim to have, the facts clearly remain there is no evidence because no such inappropriate ties exist."
The article are claimed that Kaspersky's licensing agreements allow customers to quietly embed the software in everything from firewalls to sensitive telecommunications equipment-none of which carry the Kaspersky name.
Kaspersky Lab said that the licensing agreements permit the company's partners to embed Kaspersky Lab's anti-malware engine into their own solutions, and once Kaspersky Lab products are included, these vendors are responsible for publicly communicating all the external products used in their offering.
The Bloomberg Businessweek also quoted "internal company emails" which showed that Kaspersky Lab "has maintained a much closer working relationship with Russia's main intelligence agency, the FSB, than it has publicly admitted."
Kaspersky Lab responed saying that the reported emails "show no such link, as the communication was misinterpreted or manipulated to try to make the media outlet?s narrative work."
The publication also accused Kaspersky Lab of developing "security technology at the spy agency's behest and worked on joint projects the CEO knew would be embarrassing if made public."
Kaspersky Lab 's response is the following:
"It's important to be clear, the company never received a request from the Russian government, or any affiliated organization, to create or participate in ANY secret projects, including one for anti-DDoS protection. In the mid-to-late 2000s, Kaspersky Lab was already working to put together an anti-DDoS offering as well as asking customers, prospects and channel partners about this type of solution, and the Russian anti-cybercrime unit told the company that they considered DDoS attacks an emerging and serious threat. Since there was a strong market need, Kaspersky Lab invested in the R&D required to finish fully developing the solution, which is what Eugene Kaspersky indicated in the internal communications referenced by the publication. To clarify, the FSB is not currently, and never was, a Kaspersky Lab DDoS Protection client. Also, while developing the anti-DDoS product, Eugene Kaspersky made it clear in his internal communications that he did not want any possible leaks, as attackers could learn how to bypass the technology measures if public, and he didn't want competitors to copy it before it could be launched.
Kaspersky Lab added that it has never confirmed the emails the media outlet claims to have are authentic, as the media outlet refused to share them with the company for validation to protect an anonymous source.
Bloomberg wrote that Kaspersky provides the FSB with real-time intelligence on the hackers' location and sends experts to accompany the FSB and Russian police when they conduct raids.
Kaspersky Lab says it assists law enforcement agencies around the world with fighting cyberthreats, including those in Russia, by providing cybersecurity expertise on malware and cyberattacks. "When assisting in official Russian cybercrime investigations, in accordance with Russian law, we only provide technical expertise throughout the investigation to help them catch cybercriminals. Concerning raids and physically catching cybercriminals, Kaspersky Lab might ride along to examine any digital evidence found, but that is the extent of our participation, as we do not track hackers' locations. Kaspersky Lab doesn't provide any government agencies, nor other parties, with information on location of people and doesn't gather "identifying data from customers' computers" because it is technically impossible."
Last but not least, Bloomberg reported that the project lead was Kaspersky Lab's chief legal officer, Igor Chekunov, a former policeman and KGB officer.
Kaspersky Lab says that Chekunov worked for the Border Service in the Soviet Union - serving obligatory military service for two years. At that time, the Border Service was a part of KGB structure.