The Kaspersky Hypothesis

The Kaspersky Hypothesis

You may (or may not if you don't read tech news) have heard that the US Government (NSA) is accusing Kaspersky Antivirus of helping the Russian government steal secrets.

Obviously I'm not close enough to the sources to know whether or not it's likely to be true. I won't even try to guess or take a side.

What it does bring to mind for me is that this scenario has been postulated in sci-fi novels and movies since at least the 1980's. Usually the antagonist is a representation of Microsoft or in older works IBM, hiding secret code within the operating systems they make that they use for their own nefarious purposes.

Now it's been suggested that one of the most popular antivirus software used in the USA is actively stealing state secrets and supplying them to the Russian government.

A bit more obscure is the news that Telegram, a secure mobile chat app from another Russian company, has been accused of doing the same thing.

Having played various games online with Russian players in the past several years, I can state that in my experience Russians are both technologically capable as a group, and they hate Americans. Obviously that's a small and myopic view and not something I base my opinion of all Russian citizens on, but the hate that spewed from Russian players directed at Americans in every online game where I knew I was playing with Russians, is thick.

On the other hand, it seems interesting that within a year of each other (Telegram was announced in January, but stems from a June 2016 report) two very popular Russian tech companies are accused of spying for the Russian government. Either the Russian government is a sly fox, or the US government is manufacturing evidence. Or the possible third option is that the NSA is incompetent and misreading evidence to justify an internal leak, which amounts to the same as the second answer.

I honestly can't tell which. I will say that I monitor network activity from my computers, including those running Kaspersky antivirus, and to my knowledge it's never tried to do anything other than download antivirus updates from standard distribution URLs. Then again I don't work for the NSA.

I have caught mobile software that was sending data home to China before while I thought my device was asleep, so I think we can safely assume this sort of thing does happen and isn't just in sci-fi stories anymore. Since that time I've stopped using any mobile apps that originate from a Chinese company.

So, what action should the average citizen take with this news if they have Kaspersky on their computers? Probably nothing. Although companies with sensitive data may want to think about either changing software or controlling it's ability to communicate with the outside world, just in case.

Posted by Tony on Oct 06, 2017 |