Is Russian Software Safe?

By Mark W. Swarbrick

Is Russian-made Kaspersky Antivirus Software Still Safe to Use?

I’ve been asked this a lot because of recent stories in the news. The answer is yes, it is safe to use.

What Happened?

An employee of the U.S. National Security Agency illegally (and stupidly) took government software home and put it on his home computer. What software? Oh, nothing much, just government-designed malware! Bear in mind, the kind of malware governments make is not your run-of-the-mill virus. Think Super-Virus. Viruses that governments create are used for counter-espionage, or perhaps for taking down power plants, electrical grids or nuclear reactors.

Stuxnet is a perfect example of a state-sponsored virus, a worm that targeted programmable logic controllers that manage industrial control systems. We don’t know what this brand of U.S.-created malware did. That would be classified, but we can be sure it was something powerful. This wasn’t some irritating little bug designed by kids to mess up your home computer. This was stuff developed by some of the brightest minds working in our intelligence community. We can presume that it was designed to spy on, prevent attack from, or initiate attack on other countries. Very dangerous super-secret stuff.

What Has That To Do With Kaspersky?

Back to the NSA contractor – the one that should win the idiot-of-the-year award – his home computer was protected with Kaspersky, which is made in Russia. Of course, when he put the super-virus on his home computer, which by the way was totally illegal, Kaspersky detected and quarantined the virus, just as it was designed to do.

The real story here is how careless this guy was. How could an NSA agent with top-security clearance do something so dumb? Hmmm, maybe sometime in the recent past some top-level government official did something similar and set a bad example? Just saying. So, has this person been fired? Arrested? I don’t know. I couldn’t find out because the news is concentrating instead on how EVIL Russia is, which probably sells more papers.

All anti-virus software packages ask a question when they are installed. That question goes something like this: “Would you like to help make this product better? Any detected viruses will be sent to our labs for analysis if you click ‘Yes.’ Click ‘No’ if you don’t want information sent to our labs.” This is one of the main ways that all anti-virus software learns about newly created viruses. Any junior computer tech knows this. I always click ‘Yes.’ Apparently this employee had clicked ‘Yes’ also. As a result, the detected state-sponsored super-virus was sent to Kaspersky Labs for analysis. Nobody had to hack in and get it. The Kaspersky software sent it in to their labs just as it was supposed to.

No doubt the detection of a government super-virus set off alarms at Kaspersky, as can well be expected. One news article by the drive-by mass media says, “The Russian hackers then targeted the contractor’s home machine and copied the NSA files.” Another article says that “Kaspersky opened the machine up to Russian hackers.” Those are all blatant lies. No such thing happened!

It didn’t need to happen for them to get the virus. Kaspersky received the NSA-created virus because the employee had approved for Kaspersky to send any infected files to them for analysis. Kaspersky did not hack into anyone’s computer. They received the virus by completely legitimate, legal and moral means. But when reporters who know nothing about the technology they are talking about try to sound like they are in-the-know, you get these outrageous distortions of fact.

I would think those in our government who know would be quick to point out this blatant misrepresentation of facts, but then again, it’s conceivable that the organization that allowed something so imbecilic to happen would prefer to let the blame get passed off on another country. The bigger the story of “Russian hackers” is made to be, the smaller the story becomes of those responsible for another stupid breach of government security.

Now let’s think about what happened next and let’s put the shoe on the other foot. Let’s pretend that it was an American company, say Norton for example, that detected a state-sponsored virus in another country. And Norton received that dangerous state-sponsored super-virus by totally legitimate means. What should they do? What would an American patriot feel responsible to do? What if the virus was found to have come from North Korea? Can you see where an American company might feel obligated, maybe even required, to report this information to our government? I certainly think that would be reasonable.

We don’t know how exactly things happened in Russia, but apparently this situation did get escalated into the Russian government. Maybe. We don’t really know, even though some say we do. Understand, we are dealing with highly classified material and it may be that both governments are issuing disinformation in this regard. The point is, when we are dealing with government spy agencies we can’t always take the info being released at face value. But even if it did get reported to Russian intelligence, that is not out of the ordinary or anything that would not happen in America. Governments of all countries have to use all means necessary to keep abreast of all cyber threats, especially when it involves a government-created virus that was loaded onto a private internet-connected personal computer!

Eugene Kaspersky, founder of Kaspersky Labs, said, “We never betray the trust that our users place in our hands. If we were ever to do so just once, it would immediately be spotted by the industry and it would be the end of our business — and rightly so.” Much is made of the fact that Kaspersky Labs has helped their government with security issues. I say, so what? Would we think it strange if we heard that Norton had helped our government with security? This whole story is a big nothing-burger.

Follow The Money

Who benefits from making more of this story than is really there? Kaspersky, by virtue of its superior detection algorithms, has won a major share of the American anti-virus software market, cutting deeply into the pockets of Symantec/Norton, McAfee and other American products. I can imagine that these American companies are gleeful over this recent fake news. Their revenue has increased exponentially as a result. News outlets also capitalize on this kind of story. It sells papers, magazines and makes great evening news that is guaranteed to boost ratings. All that translates into dollars.

Follow the Politics

I think everyone realizes that today most of our news comes to us filtered through a political lens. People that own news outlets are just humans like you and me and they have a certain political bent. They naturally reward reporters who formulate stories that align with their particular world view.

It would be naïve not to take into account the current Russian hysteria in the political climate surrounding this story. There is a current FBI investigation that deals with alleged collusion between Russia and President Trump to affect the election outcome. Without going into what I think of that, or the facts, or should I say lack of facts, suffice it to say that we should ask ourselves this question: Who benefits if Russia is made to look bad in this incident? This would not be the first time a story is skewed to benefit a politician.

The Moral of the Story

Part of this story is that the U.S. government is considering banning the use of Kaspersky software on their computers, and this tends to give the whole story credibility. So people are thinking, if the U.S. government doesn’t trust it, should I?

Should the U.S. government use Kaspersky software? No, absolutely not. A United States entity should never use any foreign software for protection, at least not a branch of government that deals with sensitive data. The government should be making their own protection software and not buying it from anyone. And if they do buy it, they should be buying American. That should be a no-brainer! Neither do I think our military should be using Russian-made AK-47s. We should make and use our own weapons, and we do. But that doesn’t mean an AK-47 isn’t a good rifle. Government should not use another country’s protection software, but private use of Kaspersky is another matter entirely.

Just because our secret spy agencies shouldn’t use Kaspersky does not mean that the average home user should not use it. It is still, in my opinion and in the opinion of many other experts, the best anti-virus software available. There is nothing in the software that causes a computer to be spied upon. It does not open up your computer to the Russians. If you don’t want your viruses reported, click ‘No’ when you install it.

The real moral of the story is, if you are the United States National Security Agency, don’t hire dimwits that take super-secret dangerous government software home to put on a personal computer. If you are a government agency or an employee doing government business, don’t use foreign-made protection software and don’t use your own private email server. I would think every agency of our government would have that memo by now.

I trust Kaspersky and I will continue to use it on my own personal computer and to recommend it to others. It has never let me down. I love buying American, but right now, the Russian-made Kaspersky software is the best protection out there. Consider also the large presence Kaspersky has in our country. Most of the money spent on Kaspersky stays right here in the States. If things ever change I will be the first to let you know. But I don’t think things will change. It’s not likely that a large billion-dollar company like Kaspersky, that is doing international business, will commit suicide.