- Eugene Kaspersky, CEO of Kaspersky Labs, maintains that the allegations that Kaspersky products are used for cyber espionage are only a result of the current, "geopolitical situation," according to a company announcement.
- Kaspersky made clear that there is still "zero technical data" to prove Kaspersky software can be used to spy on its customers, he said in a YouTube video on the company's channel. There remains no evidence or naming of specific models, offsets in binary code or in database records, he said. The company is offering total transparency and source code inspection by third parties.
- All products and databases are "openly accessible on public servers," open to expert investigation, including older products and updates. Kaspersky brought third-party experts in to review its systems for bugs and backdoors following an espionage malware attack in 2015.
Kaspersky claimed that the recent allegations seem to be rooted in damaging the security software provider's reputation without the opportunity to prove innocence through proper due process.
Though suspicions are mounting against the Russian-based security provider, no concrete evidence has been made public by U.S. officials. The Department of Homeland Security (DHS) issued an agency-wide requirement to remove all Kaspersky Lab products from U.S. federal computer networks.
The ban prompted U.S. companies including Best Buy and Office Depot to remove products from its shelves and offer free alternatives to customers with Kaspersky software. It is unknown when or if the private sector will follow suit but the DHS maintains that its regulations cannot be implemented on corporate America. A DHS official said that while the agency can direct their risk assessments, "other entities [have] to make their own risk management decision."
The only publicly reported account of potential Russian espionage through Kaspersky products occurred earlier this month.The hack allegedly leaked U.S. cyberwar strategies from the National Security Agency. Kaspersky refuted the report.
However, Rick Ledget, former deputy director at the NSA claims Kaspersky's promises to be transparent are not enough to put accusations to rest. Within the user agreement, customers sign and therefore give the software vendor permission to access and retrieve files for scanning. While this is appropriate protocol to scan for potential malware, the case for espionage becomes blurred.