Kaspersky: "We have never been asked to whitelist malware"
A company blog has revealed neither government nor any other entity has asked it to stop detecting malware
Kaspersky's Global Research and Analysis Team has denied being asked by a company or government entity to whitelist or stop detecting malware.
The company decided to clear up some rumours about it caving in to external pressures when it explained how it came to uncover the Regin malware, saying the reason it took so long to detect was because finding out the impact and intricacies of malware is a complex, resource-heavy process and involves a lot of cooperation between different security firms.
"Without unlimited resources and the fact that we're tracking multiple APT actors simultaneously (Careto/Mask, EpicTurla, Darkhotel, Miniduke/Cosmicduke, to name a few), this becomes a process that takes months, even years, to gain a full understanding of a cyber-operation," Kaspersky said.
"While some of the Regin samples got on our radar early and we continued to find additional samples and artifacts during the research, we are convinced there are others that are currently unknown and undiscovered," the company said in a blog post.
Regin has been in operation since 2008, Symantec revealed last month and has already been implicated in attacks by governments against large companies, the majority of which are situated in in Russia, Saudia Arabia, Mexico and Ireland. It believes the attack mechanism could have been used by a Western country with sufficient development resources.
"At Kaspersky Lab, we are processing hundreds of thousands of samples every day," Kaspersky said.
"The art of figuring out which ones are significant and further yet which ones belong together as part of a big APT attack is akin to finding needles in a huge haystack and then figuring out which ones belong to the same knitting set. We are grateful for every needle we discover, because this makes the world a little safer."
Key considerations for implementing secure telework at scale
Identifying the security risks and advanced requirements of a remote workforceDownload now
The State of Salesforce 2020
Your guide to getting the most from SalesforceDownload now
Fast, flexible and compliant e-signatures for global businesses
Be at the forefront of digital transformation with electronic signaturesDownload now
Rethink your cybersecurity strategy for the new world
5 steps to secure the enterprise and be fit for a flexible futureDownload now