Tag Archives: law enforcement

Me, myself and INTERPOL.

How I would love to just visit Singapore as a tourist! To stay here for a week, wander around the city … But not running, running, gunzo-shigoto-arbeiten, meetings-presentations-more meetings and other work-trabajo-labor and so on in various other languages. Alas, not this time. It was more like this…

You wake up in the morning after the Starmus conference and realize that you can only dream of a bit of peace and quiet. From a sweltering Switzerland we immediately head (you could say without regaining consciousness) east for an equally hot Singapore. That’s where the INTERPOL World 2019 exhibition/conference is being held. It’s an event that brings together representatives of state, non-government and private sectors from INTERPOL member countries.

I talk a lot about the importance of international cooperation between law enforcement agencies and private cybersecurity organizations. Cybercrime knows no geographical boundaries, which is why it’s necessary to act together to fight it. It’s just that there’s a bit of a worldwide problem nowadays with this “together” thing. So, any real, ongoing initiatives aimed at international cooperation are worth their weight in gold! And we’re proud of our many years of work with INTERPOL. Since 2014, we’ve been a strategic partner, signed our first cooperation agreement and supported the opening in Singapore of the Digital Crime Center as part of the special IGCI (INTERPOL Global Complex for Innovation) unit dealing with cybercrime investigations. This center is where the technical side of INTERPOL’s investigations are conducted.

And, so, on July 3 in Singapore, we extended the cooperation agreement with INTERPOL for five years. Good work chaps!

Read on…

Five Years Trudging Through the Evolving Geopolitical Minefield.

[Originally published at Forbes]

“The hardest thing of all is to find a black cat in a dark room, especially if there’s no cat.”
– Ancient wisdom, commonly attributed to Confucius

For nearly five years, Kaspersky Lab has been in the line of fire from a handful of sources, which falsely report that we have covert and unethical ties to government organizations, possibly pose a threat to U.S. national security and/or our U.S. business is failing. That’s half a decade of news investigations, assumptions, hearsay, rumors, manipulations of publically available data, anonymous sources, conspiracy theories and fabrications. After five years – how much proof and concrete facts have they come up with? None. Nada. Zero. Zilch!

When politics use the news to shape facts, no one wins

And unfortunately, yesterday, a U.S. government agency sent out a directive for federal agencies telling them to stop using our products. I guess the good news is that U.S. government sales have not been a significant part of the company’s activity in North America. So, while unfortunate, we’ll continue to keep our focus on protecting our real customer base, enterprises and consumers.

Why are all these events occurring, you ask?

As I’ve stated numerous times, there is no evidence to confirm these false media reports, because Kaspersky Lab does not have inappropriate ties to any government.

In a way, I’m thankful for such an elaborate, long-term audit that’s found nothing amiss, but if anything is helping to verify my company’s commitment to transparency. As our customers and partners know firsthand, transparency and trust are the foundations of our 20-year-old business, and these guiding principles will never change, regardless of geopolitical tensions or inaccurate media representations.

Geopolitical debates don’t need truth; blame can be assigned by default without any evidence

During recent months, the heat has been cranked up several notches, as Kaspersky Lab became a talking point during U.S. Congressional hearings in which government officials express their concerns about KL’s products. But similar to sensational media reports, there’s a lack of facts or proof to validate any potential concerns, given that we haven’t done anything wrong.

In fact, I’ve repeatedly offered to meet with government officials, testify before the U.S. Congress, provide the company’s source code for an official audit and discuss any other means to help address any questions the U.S. government has about Kaspersky Lab – whatever it takes, I will do it. And I look forward to working with any agency or government officials that are interested.

And while we continue to suffer from these meritless accusations, the U.S. government continues to take actions against our products. These moves have even led to reports of a former national security expert agreeing that Kaspersky is being treated unfairly. In addition, serious concerns have been raised by some of the actions among cybersecurity experts, journalists and analysts as it violates an established transparency and due process for government contractors, breaks the presumption of innocence principle and sets up a very disturbing precedent that fuels national cyber protectionism.

So what exactly is going on? Well, it looks to me like the reason for being shunned (despite our many offers to assist) can only be one thing: geopolitical turbulence.

Whenever there are tensions at the government level, the business is always the one to suffer. But what is there to do when the selected target (my company) happens to provide the best cybersecurity products and cyberthreat research in the world? There is only option left: concentrate on the origin of the given company.

A recent article in the Washington Post sheds some light on the possible prime cause of the situation, which was being considered during the former president’s administration:

Despite a lack of evidence as to the reasons why we’re being targeted, one thing does seem to be crystal clear: we are caught in the middle of a geopolitical fight. And there will never be any evidence to prove these false accusations against us since we’re innocent; but instead you’ll just continue to see a lot of unfounded allegations, conspiracies and theories – which are alarmingly and unfortunately contagious.

As I’ve said before, it’s not popular to be Russian right now in some countries, but we cannot change our roots, and frankly, having these roots do not make us guilty.

Perhaps what’s most unsettling of all is that other cybersecurity companies from other countries may soon be in the same position as us. Geopolitical debates don’t need truth; blame can be assigned by default without any evidence.

Let’s take a look at the even bigger picture — these reckless actions can negatively impact global cybersecurity by limiting competition, slowing down technology innovations and ruining the industry and law enforcement agency cooperation required to catch the bad guys.

For several years, the landscape has become even more treacherous for companies caught in the minefield of geopolitics, and as a result, different businesses have become unwitting pawns in the game of high-level geopolitical chess. Australia bans China, the U.S. bans Russia, Russia bans the U.S., China bans everyone…sometimes I can’t believe my eyes when I read what’s going on in the 21st century. Why are countries ceasing to cooperate in the fight against the common cybercriminal enemy?

Tackling cybercriminals is possible only if we – the good guys – can overcome national boundaries, just as the cybercriminals do. Only joint efforts by law enforcement agencies of different countries can lead to success, and during recent years, thanks to such cooperation many cyber-villains have been put behind bars. That’s why we legally cooperate with cyber-police of different countries, and also international organizations like INTERPOL and Europol. Without cooperation, there won’t be any coordinated actions against cybercrime; consequently, there’s impunity for the cybercriminals and cyberattacks continue to thrive. People, businesses and economies all suffer.

I see how the fragile foundations of international cooperation in cybersecurity are splitting at the seams. Relationships between some countries are being pushed back 15 years. It’s not clear when the seemingly interminable geopolitical storm will pass, or how long it will take to reestablish good working relationships.

Who will win from the Balkanization of the security industry? Yes, that was a rhetorical question.

In any situation, it’s possible to find the positive. Thanks to this long-winded geopolitical storm, we’ve become more transparent than any other cybersecurity company in the industry. We’ve rallied around our company cause like never before, and our employees continue to stand with their heads held high knowing we will prevail in the end.

Despite the challenges, we continue to protect our users around the globe from any cyberthreat there is, regardless of its origin or intention. Now let me get back to work – there’s always much to do when saving the world from cyberthreats.

Politics is a dirty sport, sad to see it shape #cybersecurity. @e_kaspersky comments on recent DHS directiveTweet

Flickr photostream

Instagram photostream

Catching the Phishes.

I’m not completely sure why, but  somehow since the invention of the Internet, there has always existed a stereotypical attitude towards all things WWW. That attitude sees the net as little more than a toy, while the viruses that come with it are put down to mere playing about at best, and just hooliganism at worst. However, the reality is quite something else – especially lately.

Remember Cascade and other similar viruses? Ah, so naïve and innocent compared to what was to come… Fast forward a couple of decades and the bad guys started stealing data, Trojanizing computers for zombie networks to perform distributed attacks, and milking bank accounts. And today we’ve arrived at attacks on industrial, infrastructural and military systems. Some toy!

We need to get away from such a stereotype ASAP. Faulty impressions give cybercrime a romantic aura, which in turn attracts the younger generations of would-be cybergeeks-come-cybercriminals – who can’t seem to grasp the seriousness of their “fun” or understand how many years they could face in jail.

Then there’s another stereotype: that computer crime pays, and the perpetrators don’t get caught. Romanticism! Ok, it’s true that several years ago in many countries computer crime was in fact not all that often prosecuted; however, now that situation has changed: the law enforcement bodies have both the experience and know-how required, have made great strides in terms of cyber-criminalistics (cyber-CSI stuff), and have established good working relations with professionals, all leading them to now being able to solve one hi-tech crime after another.

We are always ready to assist national and international law enforcement agencies if they request it. I think the development of such cooperation is crucial for the successful fight against cybercrime – as security companies are the ones that possess the necessary knowledge.

Now, let me give you an illustrative example of how it works in Russia.

More: Catching the phishes …

Enter your email address to subscribe to this blog

SOPA-Dodger.

– or why have we decided to withdraw from the Business Software Alliance (BSA).

Hi all!

Recently the US blogosphere has become increasingly alarmed by the new Anti-Piracy Act – Stop Online Piracy Act or SOPA. Discussions of the topic are, to put it mildly, quite frank, with comments like: “These idiots are coming for your internet” (read here).

What is SOPA?

It is support for and development of something that is currently very relevant – the protection of intellectual property. Ladies and gentlemen, this really is important! “Thou shalt not steal,” as the Bible says! An author – or more often than not, a team – spends sleepless nights writing a book, composing music, shooting a film, creating software or testing software packages. Doesn’t that deserve a financial reward? Yes or no? Think before you answer – someone could well ask the same question about your profession… So?

More: A vinyl-age law for Internet? …

It’s the End of the Net as We Know It.

Hi everybody!

Time to tell you about a bunch of really exciting events I’ve been to over the past few weeks. It’s been a fairly crazy mini-tour covering Geneva, Dublin and London non-stop. Two or three days in each city and each time talking to some very interesting people on all sorts of hot topics.

It all started with the United Nation’s International Telecommunication Unit (ITU) meetings in Switzerland. The organization is showing great progress towards developing a common approach to fighting cybercrime on an international level. However, I’m afraid I can’t tell you any further details. It was a very hush-hush private meeting behind closed doors where we discussed some issues I can’t share with you at the moment. Nevertheless – stay tuned and soon I’ll be able to uncover some details…

Next up was Dublin and the F.ounders 2011 conference, which we’ve already mentioned here.

Last stop – the London Conference on Cyberspace. This was quite something – in fact, it unexpectedly turned out to be this year’s best event I was involved in!

The conference, organized by the British Foreign Office, took place on November 1-2 in the Borough of Westminster. I would like to thank the British Foreign Secretary and First Secretary of State William Hague for his personal invitation to me to take part in the event. I must say it was a surprise to find myself as the only “boss” from the IT security industry to address the audience. But then on the other hand I think the Foreign Office made the right choice – big-wigs from competitors would only have given the audience the same old BBB (Boring Business Blah blah blah) and spoiled the event!

Eugene Kaspersky at the London Conference on Cyberspace

More > Saving the Internet in London …

Law-abiding Cyber-folk of the World – Unite!

All-righty! Here we are with the latest news.

What we have been for ages talking about, explaining, and encouraging, at last is finally showing some signs of actually being put into practice.

A new body – the International Cyber Security Protection Alliance (ICSPA) (news, site)  – has been founded in London: an international non-commercial organization that brings together “governments, international business and law enforcement bodies, including Europol”. The aim of the new organization is simple: to tackle nationalistic narrow-mindedness, unite parochial strengths, and fight cyber-crime on a global level – together.

This is what we’ve been been advocating constantly for more than ten years. It’s impossible to tackle international criminals with traditional methods alone, when every country just thinks of itself, covers its own backside, and the rest of the world can go whistle.

Read more > United we stand