The Demonization of Kaspersky

Last week, the US government decided that it should remove Kaspersky Lab’s antivirus products from government computers. I agree with this decision, but not for the reasons you may think. I’ll explain this later on, so please continue.

Prior to selling my consulting company, we sold a lot of Kaspersky products as well as Symantec, McAfee, Sophos, Eset and others. I’ve even met Eugene Kaspersky at many events, although I doubt he could remember my name or pick me out of a crowd. I never met anyone who could be under the pressure he’s under and still sound as passionate about fighting those who would murder the internet for money.

Your honors, let me lay out the case for the prosecution.

· Kaspersky went to a KGB funded school.

· He purposely installed fake virus signatures into an antivirus pool.

· He works in a country that tried to kill everything free people have fought for over many decades, and threatens us once again.

· He knows Putin and has close ties to the Kremlin.

That’s it? Your honors, based on this flimsy evidence I request that all charges be dropped. No? Ok then. Let’s discuss this.

For the defense, I lay out the following facts:

Eugene Kaspersky went to school during the Soviet Union days. If you wanted to pursue higher learning such as mathematics, you had to go to a school that was government sponsored. Everything was owned by the government then. You couldn’t even own your own home if you lived there. Of course the KGB would fund it. They wanted the top students in their organization. There was a cold war on, you know. Are all students of Iranian universities our enemies? I doubt it. Most of them would jump at the chance to come to the US if offered. Does just being alive in a certain country at a certain time make us hate? MIT also receives money from the US government. Are they all enemies of Russia for attending? Flimsy evidence will get this case thrown out.

For point two, you need to have some very interesting background information. There was an agreement a long time ago between antivirus companies to avoid duplicating work so they could keep up with the barrage of viruses they saw every day. Once an antivirus signature was written, it would go to a shared storage where other antivirus companies would also place their work. It made the world a better place because antivirus files would reach all computer owners much more quickly regardless of what product they bought.

“Good deeds don’t go unpunished” is something I have found to be true in many business cases. Some unscrupulous companies would simply pluck out all the antivirus signatures and never do any work themselves. Kaspersky was sick of other people selling his work under other names, so he planted two benign files into the pool to see who was using them and prove to the community who was doing the work and who was stealing it. Once it was found out who it was, he tried to coax those companies into doing the right thing. But the good deed was turned against him. Ignorant and click-baiting websites decided that they would vilify him without understanding the facts.

Are you embarrassed yet that this case is even still on the docket? If not, then we will continue. It is absolutely true that he works in the country known as the “Evil Empire” by President Reagan. I personally hated the fact that I believed with all my heart that the Russians would never let me become an adult due to a nuclear war that was surely going to happen. It was a tough thing to grow up thinking this way. We pretended like we were going to one day be adults, but we all knew it was folly and we would all be dead. We’re glad it turned out better than that. Now, Russia appears to be threatening the world once again, and we no longer consider them our friends. Do you remember after the collapse that they even requested to be considered to be in NATO? Good times.

That, along with the ties to Putin and the Kremlin, is certainly the most damning evidence to the US government. Russia even has a law that basically says they can take over any company’s files at any time and inject their agenda into that company. They have already done this in the oil and other industries. It would be a juicy prize to have all computers running a Russian antivirus to take over Kaspersky’s company and use the software to spy or inject hideous malware on US government computers. But there’s only one thing. It hasn’t happened. If it had, the press would be all over it. Real security experts would be all over it, but that’s not what’s happening. The security experts I’ve spoken with and read are saying it hasn’t happened.

Also, Kaspersky Labs is not a Russian company. They do their work there, but Kaspersky smartly made this a UK holding company. If Vlad decides to take over Kaspersky Labs, Eugene can move everything to the UK overnight and out of Putin’s hands. No wonder Kaspersky is listed as one of the 100 most influential people in the world. He’s not stupid.

What antivirus software will you use then? Eset is made in Slovakia, a former Soviet country. Panda is made in Spain. I believe we’ve been at war with them many times in several countries. Symantec is mostly US based but uses programmers in several countries, which is also what McAfee does. There are no US only antivirus companies. The world doesn’t work that way anymore.

Kaspersky decided he would offer his most valuable possession, his source code. He offered it to the US government to smash open and see what’s inside to prove he’s not a spy. Let me tell you what that means to the lay person. Several years ago, Kaspersky’s son was kidnapped. They didn’t want money. They wanted his source code so they could infect the world and make trillions of dollars. They could make far more money with his source code than they could ever make with a paltry ransom demand of cash. Fortunately, his son was saved and the kidnappers were killed. His source code is the gift he’s giving the US government to prove himself innocent.

Before I request a mistrial, we should consider the very beginning of this article where I said that we should not use his antivirus on government computers. It isn’t an issue of Kaspersky infecting them. I don’t believe we should use any commercial products from any country on our government computers. I don’t believe we should use any commercial computer products for our sensitive government data. The NSA has billions of dollars and is the best at creating viruses as they did with Stuxnet in Iran. It took years for that to be discovered. The NSA tools are now being distributed because of a leak and they’re wreaking havoc with companies worldwide, possibly because they used commercial products and hired contractors to take care of them.

The NSA should use that money to build their own equipment and write their own software. They already have the capability. Maybe that will keep these leaks from happening again.

I no longer sell antivirus to anyone. I am purely a high-tech project consultant, radio host, and college instructor. I have no more skin in this game. I can tell all businesses and home PC users that run Kaspersky antivirus that they are safe. Safer than with most other antivirus makers, for many technical reasons I see no reason to share here, but will gladly do so if you invite me to.

The defense rests.

Robert McMillen

#linkedinlearning

Christophe Le Cannellier

Program Digital Expert - BARRACUDA SSN (personal page, my posts reflect only my own views)

6 years ago

Cyber McCarthyism, no more, no less.

Bob Vish

Cybersecurity Leader @ Palo Alto Networks | Network, Cloud Security

7 years ago

I don’t believe the decision to ban Kaspersky was made lightly. From what I know, in the US intelligence community it was a well-known issue for many years that was finally acted on. Like it or not nation-states still get involved in Cybersecurity both on the protection side and on the attack side. So it’s not about US based companies versus the world, it’s about proven and verified threats. It would be silly not to take this seriously and act on it in my humble opinion. The next question is who OEM’s Kaspersky code and does that pose a risk as well?

Greg Hoffman

Retired (Chemical Informatics) at Last

7 years ago

If nationality of the software vendor is critical... should US trust Israeli companies such as Checkpoint? Should non US companies trust US companies like Symantec? Does the location of the software development matter? This is a dark place to be.
