Important: Kaspersky will stop receiving anti-virus signature updates and codebase updates in the United States after September 29, 2024. This is due to the U.S. Department of Commerce's ban on Kaspersky's products, which also required the company to stop selling new contracts in the U.S. by July 20, 2024. If you are using Kaspersky in the U.S., you should switch to a different security solution before this deadline.
Source: Kaspersky In The Shitstorm
The allegations are based on anonymous sources who provide no evidence or specifics to support their claims. The media outlets that reported the story have not verified the information or obtained any official confirmation.
The allegations contradict the ethical standards and principles of Kaspersky Lab, which does not participate in spying or assist any cyberspies or military intelligence. The company’s goal is to fight cybercrime and help law enforcement agencies catch cybercriminals.
The allegations ignore the technical details and functionality of Kaspersky Lab’s products, which do not collect personal data or secret files from users. The products have a cloud protection component called Kaspersky Security Network (KSN), which only transfers files related to malicious or suspicious files to the cloud. Users can opt out of KSN or use a private version of it.
The allegations are inconsistent with the independent research and reputable statements from other organisations, such as Interpol and BSI, which have found no supporting evidence of Kaspersky Lab performing espionage or posing any security risks. They have also affirmed the quality and comprehensiveness of Kaspersky Lab’s solutions.
Source: Kaspersky Transparency Center
Kaspersky has a Global Transparency Initiative that aims to engage with the cybersecurity community and stakeholders in validating and verifying the trustworthiness of its products, processes and operations.
Kaspersky has moved its data processing and storage to Swiss servers for users in Europe, North and Latin America, the Middle East, and several countries in Asia-Pacific. This ensures a high level of data protection and privacy.
Kaspersky has opened Transparency Centers in 10 locations around the world, where trusted partners and government stakeholders can review the company’s code, software updates and threat detection rules. They can also access essential technical documentation and learn more about the company’s practices.
Kaspersky has undergone third-party assessments and attained ISO 27001 certification for its data security systems. It has also completed the SOC 2 Type 2 audit, which confirms that the company’s threat detection rules databases are protected from unauthorized changes by strong security controls.
Kaspersky publicly shares its approach and statistics in responding to requests from global government and law enforcement agencies and users for user data and technical expertise. It also discloses information about the number of such requests by country.
Source: Kwiatkowski
Information: The author is a French national who worked for Kaspersky’s Global Research and Analysis Team (GReAT), a group of experts in cyberthreat intelligence. He claims to have no financial or material stake in Kaspersky, and that he joined the company because of its excellence in the field. He also states that his opinions are his own and not influenced by corporate communications.
The author argues that Kaspersky has nothing to hide and invites anyone to review its source code and software bill of materials in its transparency centers. He also points out that no evidence of any backdoor or hidden feature has ever been found in Kaspersky’s products, despite being scrutinized by adversaries and competitors.
The author emphasizes that working for a Russian company does not mean supporting the Russian government, especially in the context of the war with Ukraine. He explains that Kaspersky is a separate entity from the government and that it sells services to many other countries, including Ukraine. He also expresses his sympathy for the Ukrainian people and his opposition to the war.
The author assures that Kaspersky will continue to provide updates, signatures, and threat intelligence reports to its customers, regardless of the geopolitical situation. He also states that Kaspersky has contingency plans and datacenters in other countries to ensure operation continuity. He urges customers to trust Kaspersky’s products and services based on their quality and performance, not on rumors or propaganda.