From network security to nyet work in perpetuity: What's up with the Kaspersky US ban?

The US government on Thursday banned Kaspersky Lab from selling its antivirus and other products in America from late July, and from issuing updates and malware signatures from October. Then on Friday, some of the software maker's top execs, excluding CEO and founder Eugene Kaspersky, were officially sanctioned by Uncle Sam. …

  1. t245t Silver badge
    Big Brother

    Apple fixes two flaws used to attack Kaspersky employees ;)

    Apple fixes two flaws used to attack Kaspersky employees

    Apple has issued fixes for two flaws in its iOS and iPadOS operating systems that were used to attack employees of Russian cyber security firm Kaspersky.

    1. Roland6 Silver badge

      Re: Apple fixes two flaws used to attack Kaspersky employees ;)

      “ Kaspersky founder Eugene Kaspersky said at the time the attack used an invisible iMessage with a malicious attachment. A number of vulnerabilities in iOS were used to install malware.

      "The deployment of the spyware is completely hidden and requires no action from the user," he wrote.”

      I wonder how many iOS devices out there have been compromised, with the users being totally unaware…

    2. Bendacious Silver badge

      Re: Apple fixes two flaws used to attack Kaspersky employees ;)

      That is news from 2023 and it was covered by el reg

      https://www.theregister.com/2023/10/26/apple_triangledb_exploit/

    3. Necrohamster Silver badge
      Facepalm

      Re: Apple fixes two flaws used to attack Kaspersky employees ;)

      That article's from a year ago, but the bigger issue is that the attackers were inside Kaspersky's network, undetected, for 3 or 4 years.

      What FSB doing?

      1. RT Harrison
        Joke

        Re: Apple fixes two flaws used to attack Kaspersky employees ;)

        Hiding inside Kaspersky's network for 3-4 years. ;)

  2. BPontius

    Hard to find anyways

    Good luck trying to find Kaspersky software, few stores even online sell it anymore. It is rare anymore to see it in Anti-virus suite rankings. I used Kaspersky for years, dropped them last year because their virtual hardware acceleration feature required disabling a lot of Windows 11 security and virtualization. Too bad, they are a good anti-virus brand.

    1. Anonymous Coward
      Anonymous Coward

      Re: Hard to find anyways

      I've been using them for quite some time and I even had the chance to meet Eugene Kaspersky personally, but I've stopped using their products when I moved to MacOS - they were quite a load on the system.

      1. CowHorseFrog Silver badge

        Re: Hard to find anyways

        Why does it matter if you did meet him personally?

        Is this a personality cult thing?

        1. goblinski

          Re: Hard to find anyways

          I visited the Mercedes Benz factory in Stuttgart when we were getting an E-Class. We had a nice talk with some employees, and it was an enjoyable experience overall.

          Little did we know that we were getting into a personality cult. Thanks for clarifying that :) Whew ! No more !

          1. Anonymous Coward
            Anonymous Coward

            Re: Hard to find anyways

            A few years ago I met the guy then responsible for privacy at Audi in Ingolstadt, and he managed to impress me. Unlike Volvo, they've gone out of their way to prevent Google from data grabbing because that is A Very Bad Thing under German law.

            Can't tell you more, but personally I think Audi ought to advertise what they do. They were then already years ahead in protecting driver privacy.

          2. CowHorseFrog Silver badge

            Re: Hard to find anyways

            gob: Little did we know that we were getting into a personality cult. Thanks for clarifying that :) Whew ! No more !

            cow:

            I was questioning WHY you mentioned ONLY meeting him and you failed to mention all the other staff you met ?

            It's almost like the other staff you met are not worthy or sub-human...

            What you don't realise is you just created a two tier system....

        2. Anonymous Coward
          Anonymous Coward

          Re: Hard to find anyways

          Why does it matter if you did meet him personally?

          It gives you an idea of how the company came to be and how it is run, which matters in what I do.

          1. CowHorseFrog Silver badge

            Re: Hard to find anyways

            AC: It gives you an idea of how the company came to be and how it is run, which matters in what I do.

            cow:

            REALLY says who ?

            Are you really going to credit everything in the company to a single person?

            Sounds a lot like North Korea and their parades and displays where everything including the sun shining is because of ONE person, and everybody else who works hard is not worthy of mentioning....

            Is that the logic that Musk is using and why he deserves that $50B bonus because only he works and everyone else does nothing ?

            1. Anonymous Coward
              Anonymous Coward

              Re: Hard to find anyways

              Are you really going to credit everything in the company to a single person?

              The hint is in the remarkable similarity between the founder's surname and the company's name..

        3. Anonymous Coward
          Anonymous Coward

          Re: Hard to find anyways

          You'll notice the AC got two humblebrags in there: (1) he met Yevgeny Kaspersky, and (2) he owns a Mac

      2. Anonymous Coward
        Anonymous Coward

        Re: Hard to find anyways

        So fucking what,

        I've met utter twats in person, who were quite charming and had a lot of charisma and were friendly to your face (especially when they think they can get something from you!).

        Doesn't mean they are good people.

        1. Anonymous Coward
          Anonymous Coward

          Re: Hard to find anyways

          If you don't have access to background intel, possibly, but there's a reason you have to meet people face to face at a certain level.

        2. CowHorseFrog Silver badge

          Re: Hard to find anyways

          I never labelled anyone anything.

          I was merely pointing out WHY does it matter anybody met any corporate leader?

          WHY only mention the leader and not anyone else they met on the day ?

      3. This post has been deleted by its author

      4. Anonymous Coward
        Anonymous Coward

        Re: Hard to find anyways

        I've been eating Subway sandwiches for quite some time and I even had the chance to meet Jared Fogle personally, but I've stopped using their products when I tried to improve my diet - they were quite a load on the digestive system.

        1. CowHorseFrog Silver badge

          Re: Hard to find anyways

          This is precisely my point, corporate leadership and their fake branding promotes arseholes far too often.

          Instead of paying an arsehat millions, and more millions to their department of promotions sorry more arsehats they should have been giving better pay to their employees

          1. Anonymous Coward
            Anonymous Coward

            Re: Hard to find anyways

            Kaspersky, like McAfee, started that company from scratch and was executing a share buyback together with his then wife.

            I'd say he's in control. Hence the personal meet. He's also not the only one who actually shares more of the company's income with his staff - Mark Shuttleworth did too when he sold Thawte and that has been widely reported.

            It was all relevant at the time and it was interesting, and Kaspersky was often publicly found defending the end user even when governments would have liked he did not which made him unusual.

            1. CowHorseFrog Silver badge

              Re: Hard to find anyways

              ac: Kaspersky, like Mcafee, started that company from scratch and was executing a share buyback together with his then wife.

              I'd say he's in control.

              cow: Control of what ?

              Did he really control every single line of code or did he employ thousands to do them?

              Are you really being fair about who contributed to K s/w ?

            2. Necrohamster Silver badge

              Re: Hard to find anyways

              "I'd say he's in control. "

              He's in control of nothing.

              Russia's a mafia state in case you haven't noticed. If you're a business owner you can play along and make money, or be defenestrated.

              "Kaspersky was often publicly found defending the end user even when governments would have liked he did not..."

              Such a man of morals. Too bad he didn't have the same courage of his convictions when it came to the invasion of Ukraine

              1. CowHorseFrog Silver badge

                Re: Hard to find anyways

                Grow up, all corporate leaders will only say stuff that is advantageous to the company. Nothing less and nothing more, morality has nothing to do with it.

    2. Roland6 Silver badge

      Re: Hard to find anyways

      >because their virtual hardware acceleration feature required disabling a lot of Windows 11 security and virtualization.

      That was an irritating issue, seems they did finally resolve it as no longer complaining about Hyper-V et al preventing their hardware virtualisation running on my (W10) system.

      >Good luck trying to find Kaspersky software

      Kaspersky software is available direct from their website or via their Amazon store (best prices currently from Amazon web store). It basically disappeared from general sale in 2017 after the initial warning about the use of Kaspersky by government departments. Suspect it is going to be a case of buy now or not be able to buy at all after September...

      >It is rare anymore to see it in Anti-virus suite rankings.

      Tom's Hardware, surprisingly, included it in their May 2024 product line up. For a few years PC Mag included it, but only to use it as a benchmark for its recommendations ie. these are good products, but Kaspersky is still better, but due to the political situation we can't really recommend and thus include Kaspersky in our public table.

      1. Necrohamster Silver badge

        Re: Hard to find anyways

        >It is rare anymore to see it in Anti-virus suite rankings.

        Tom's Hardware, surprisingly, included it in their May 2024 product line up. For a few years PC Mag included it, but only to use it as a benchmark for its recommendations ie. these are good products, but Kaspersky is still better, but due to the political situation we can't really recommend and thus include Kaspersky in our public table.

        Consumer-grade AV is very different from enterprise AV. If I'm running a 5,000 seat company or a government department I'm not buying based on what Tom's Hardware says about a consumer product.

        Kaspersky's non-existent in the enterprise space of the Western world. They dropped off the Gartner ratings in 2021/2022 because enterprise can't (and won't) buy their products, and all the sales on their Amazon store won't make the slightest bit of difference.

        1. Anonymous Coward
          Anonymous Coward

          Re: Hard to find anyways

          Wait, you have to rely on Gartner reports?

          You poor soul.

          1. Necrohamster Silver badge
            WTF?

            Re: Hard to find anyways

            Yeah I find they're more reliable than Tom's Hardware, considering I'm not buying an AV for my granny

            1. CowHorseFrog Silver badge

              Re: Hard to find anyways

              Gartner's reliable?

              They have zero technical skills, that's why they write bullshit reports. If they actually understood software in any form, like they claim they would have written the next big thing.

        2. Roland6 Silver badge

          Re: Hard to find anyways

          > Kaspersky's non-existent in the enterprise space of the Western world.

          This was the aspect of the entire case (back in 2017) that got me, I also didn’t expect government departments to be using Kaspersky; perhaps this was because of experience with UK government IT procurement. (are there any UK central/local government departments using Kaspersky?)

          Hence, like you I am skeptical about those who are strong in the consumer space as candidates for enterprise deployment. However, for standalone installs for say contractors and machines individuals use for business (BYOD), the better consumer products, such as Kaspersky are viable candidates.

          From this perspective, I wonder if part of the ban is to force US government departments to replace Kaspersky…

  3. Anonymous Coward
    Anonymous Coward

    Not a big surprise

    As the Nghia Hoang Pho incident seemed to prove that Russian intelligence has access to Kaspersky's systems enough to view whatever their AV sends back to Kaspersky. Doesn't matter whether Kaspersky is itself a victim of Russian intelligence. So of course pretty much everyone outside of Russia (including China) have at least banned it from government computers. I have to wonder what's going to happen to all their employees in their Woburn MA office outside of Boston.

    1. TReko Silver badge
      Big Brother

      Re: Not a big surprise

      There is speculation that, unlike other AV vendors, Kaspersky refuses to whitelist spyware from US three letter acronym agencies.

      Perhaps an example is being made of them? Who knows?

      1. Necrohamster Silver badge

        Re: Not a big surprise

        If you’ve attracted the attention of a three (or four) letter acronym security service, you should know they won’t need any help from AV companies to run their tools on your network.

        But anyway, isn’t Mr Kaspersky a graduate of a KGB technical school?

        1. Anonymous Coward
          Anonymous Coward

          Re: Not a big surprise

          Correct, he was actually a mathematician before he became interested in computer security, and at some point the company under his leadership came under serious fire by the Americans for refusing to whitelist their government spyware. Worse, his refusal was rather public which caused some serious and very entertaining embarrassment, and he's been quite often on the user's side of that debate. Sure, partly because it was his business, but what I liked was that his arguments were always coherent and factual which made them annoyingly hard to refute. As I said, very entertaining.

          I've lost track of that game (other things to do) but Kaspersky Labs were extremely good in digging out threats, analysing and reporting them and then develop counters for them. Not sure what state the company is in now, but as the US is relentlessly trying to promote its own intercept program on the world it would not surprise me that they would eventually try to bully, blackmail and bullshit any threat to their program off the market.

          Over the years I have found several government's denunciations of any type a signal that you have to start looking what they're trying to hide. Elon Musk is not the only one trying to distract people (in his case when he has earnings calls), governments have been at it for decades.

          1. CowHorseFrog Silver badge

            Re: Not a big surprise

            Governments ?

            How come you forgot the real champion of bullshit and brainwashing ?

            the american media from news to hollywood to advertising...

          2. Necrohamster Silver badge

            Re: Not a big surprise

            "...at some point the company under his leadership came under serious fire by the Americans for refusing to whitelist their government spyware..."

            I don't believe this claim because:

            - You're an AC so your claim is worth nothing

            - You've got no citations to back up this claim

            - Nation-state threat actors don't need help from any AV company to get malware into a network (as Kaspersky Labs know, having been pwned themselves)

            Pretending to stand up to the big bad Americans may resonate with the Kremlin's useful idiots (consider yourself included AC), but everyone else would recognise this as cheap theatrics.

            1. Anonymous Coward
              Anonymous Coward

              Re: Not a big surprise

              - You're an AC so your claim is worth nothing

              Wow, it sure must be interesting to have your name in a passport. I don't envy your youth, but it would explain a few things.

              - You've got no citations to back up this claim

              It's not a claim, it's a fact. Maybe learn how to use a search engine? It's not like it wasn't well reported at the time.

              - Nation-state threat actors don't need help from any AV company to get malware into a network (as Kaspersky Labs know, having been pwned themselves)

              Nation-state actors use any method they can get their hands on. That's why, for instance, we have all these mass surveillance ideas floating around by Microsoft, as far as I can tell they have been at this for a very long time, and we're helping them by (a) using their login system and (b) hosting in their cloud so they don't even have to bother breaching your on prem systems. But they're but one example, plenty more actors in that game.

          3. martinusher Silver badge

            Re: Not a big surprise

            Kaspersky pre-Snowden were a thorn in the NSA's side because they consistently found and published details of official malware.

            Post-Snowden the game's changed so that these days it's all about analytics and the like -- there's no need to find devious ways to burrow into a system if the vendor's going to provide you with the tools and APIs to do it for you. It's also a bit moot as well because no 'adversarial' state would allow software from a US vendor like Microsoft anywhere near its systems. The focus now has to be on mobile, at least until Harmony gets enough traction to be a significant player outside China (.....and then you've got the obvious Chinese problem -- except that I think it's likely that Harmony is going to be a lot less convoluted, and so correspondingly difficult to compromise, than iOS or Android).

    2. Roland6 Silver badge

      Re: Not a big surprise

      >I have to wonder what's going to happen to all their employees in their Woburn MA office outside of Boston.

      Much depends on the Global Transparency Initiative

      https://www.kaspersky.com/about/press-releases/2018_kaspersky-lab-moving-core-infrastructure-to-switzerland

      https://www.kaspersky.com/about/press-releases/2020_kaspersky-completes-its-data-processing-relocation-to-switzerland-and-opens-new-transparency-center-in-north-america

      The question is whether this new set of sanctions provides the political cover for Kaspersky UK (the holding company for Kaspersky North Americas, Switzerland etc) to become fully independent of Kaspersky Russia, without the active consent of Kaspersky executives (including Eugeny) residing in Russia and thus effectively become the commercial arm of CyberNB.

  4. jlturriff

    "For those who prefer audio, the Kettle is available as a podcast via RSS and MP3, Apple, Amazon, and Spotify. Feel free to chime in below. ®"

    How about those of us who would prefer a text transcript?

    1. Claverhouse Silver badge

      I neither watch boring videos nor listen to podcasts, but I will read. So yeah.

      1. Grogan Silver badge

        The others take up more time (and often waste... with umms, ahhs and repetitions, vain waffling etc.)

        With text, I can first gauge my interest level by skimming. If searching for information, I may need one "tidbit". It would take me e.g. 10 minutes of jumping through some youtube video to find it.

  5. PinchOfSalt

    Embedded versions

    I'm not sure if this is still the case, but the AV industry used to share core engines and signature files between them. Some of the vendors were a blend of four different engines and signature sets and Kaspersky was often used as one of these that supplied it as an OEM solution.

    I wonder whether this is still prevalent and what those vendors are now going to do

  6. DropBear
    Devil

    Bah, humbug! The only one I trust is Thunderbyte Antivirus - as I have personally verified it can restore even infected files to binary-identical originals. If it has a pre-infection database, it will even cut the file length back down to the original size - but the binary content is the same, either way...
