September 14, 2017
Five Years Trudging Through the Evolving Geopolitical Minefield.
[Originally published at Forbes]
“The hardest thing of all is to find a black cat in a dark room, especially if there’s no cat.”
– Ancient wisdom, commonly attributed to Confucius
For nearly five years, Kaspersky Lab has been in the line of fire from a handful of sources, which falsely report that we have covert and unethical ties to government organizations, possibly pose a threat to U.S. national security and/or our U.S. business is failing. That’s half a decade of news investigations, assumptions, hearsay, rumors, manipulations of publically available data, anonymous sources, conspiracy theories and fabrications. After five years – how much proof and concrete facts have they come up with? None. Nada. Zero. Zilch!
And unfortunately, yesterday, a U.S. government agency sent out a directive for federal agencies telling them to stop using our products. I guess the good news is that U.S. government sales have not been a significant part of the company’s activity in North America. So, while unfortunate, we’ll continue to keep our focus on protecting our real customer base, enterprises and consumers.
Why are all these events occurring, you ask?
As I’ve stated numerous times, there is no evidence to confirm these false media reports, because Kaspersky Lab does not have inappropriate ties to any government.
In a way, I’m thankful for such an elaborate, long-term audit that’s found nothing amiss, but if anything is helping to verify my company’s commitment to transparency. As our customers and partners know firsthand, transparency and trust are the foundations of our 20-year-old business, and these guiding principles will never change, regardless of geopolitical tensions or inaccurate media representations.
During recent months, the heat has been cranked up several notches, as Kaspersky Lab became a talking point during U.S. Congressional hearings in which government officials express their concerns about KL’s products. But similar to sensational media reports, there’s a lack of facts or proof to validate any potential concerns, given that we haven’t done anything wrong.
In fact, I’ve repeatedly offered to meet with government officials, testify before the U.S. Congress, provide the company’s source code for an official audit and discuss any other means to help address any questions the U.S. government has about Kaspersky Lab – whatever it takes, I will do it. And I look forward to working with any agency or government officials that are interested.
And while we continue to suffer from these meritless accusations, the U.S. government continues to take actions against our products. These moves have even led to reports of a former national security expert agreeing that Kaspersky is being treated unfairly. In addition, serious concerns have been raised by some of the actions among cybersecurity experts, journalists and analysts as it violates an established transparency and due process for government contractors, breaks the presumption of innocence principle and sets up a very disturbing precedent that fuels national cyber protectionism.
So what exactly is going on? Well, it looks to me like the reason for being shunned (despite our many offers to assist) can only be one thing: geopolitical turbulence.
Whenever there are tensions at the government level, the business is always the one to suffer. But what is there to do when the selected target (my company) happens to provide the best cybersecurity products and cyberthreat research in the world? There is only option left: concentrate on the origin of the given company.
A recent article in the Washington Post sheds some light on the possible prime cause of the situation, which was being considered during the former president’s administration:
Despite a lack of evidence as to the reasons why we’re being targeted, one thing does seem to be crystal clear: we are caught in the middle of a geopolitical fight. And there will never be any evidence to prove these false accusations against us since we’re innocent; but instead you’ll just continue to see a lot of unfounded allegations, conspiracies and theories – which are alarmingly and unfortunately contagious.
As I’ve said before, it’s not popular to be Russian right now in some countries, but we cannot change our roots, and frankly, having these roots do not make us guilty.
Perhaps what’s most unsettling of all is that other cybersecurity companies from other countries may soon be in the same position as us. Geopolitical debates don’t need truth; blame can be assigned by default without any evidence.
Let’s take a look at the even bigger picture — these reckless actions can negatively impact global cybersecurity by limiting competition, slowing down technology innovations and ruining the industry and law enforcement agency cooperation required to catch the bad guys.
For several years, the landscape has become even more treacherous for companies caught in the minefield of geopolitics, and as a result, different businesses have become unwitting pawns in the game of high-level geopolitical chess. Australia bans China, the U.S. bans Russia, Russia bans the U.S., China bans everyone…sometimes I can’t believe my eyes when I read what’s going on in the 21st century. Why are countries ceasing to cooperate in the fight against the common cybercriminal enemy?
Tackling cybercriminals is possible only if we – the good guys – can overcome national boundaries, just as the cybercriminals do. Only joint efforts by law enforcement agencies of different countries can lead to success, and during recent years, thanks to such cooperation many cyber-villains have been put behind bars. That’s why we legally cooperate with cyber-police of different countries, and also international organizations like INTERPOL and Europol. Without cooperation, there won’t be any coordinated actions against cybercrime; consequently, there’s impunity for the cybercriminals and cyberattacks continue to thrive. People, businesses and economies all suffer.
I see how the fragile foundations of international cooperation in cybersecurity are splitting at the seams. Relationships between some countries are being pushed back 15 years. It’s not clear when the seemingly interminable geopolitical storm will pass, or how long it will take to reestablish good working relationships.
Who will win from the Balkanization of the security industry? Yes, that was a rhetorical question.
In any situation, it’s possible to find the positive. Thanks to this long-winded geopolitical storm, we’ve become more transparent than any other cybersecurity company in the industry. We’ve rallied around our company cause like never before, and our employees continue to stand with their heads held high knowing we will prevail in the end.
Despite the challenges, we continue to protect our users around the globe from any cyberthreat there is, regardless of its origin or intention. Now let me get back to work – there’s always much to do when saving the world from cyberthreats.
Politics is a dirty sport, sad to see it shape #cybersecurity. @e_kaspersky comments on recent DHS directiveTweet