Kaspersky allegations: is cyber security stronger for false positives?

Kaspersky Lab is accused of trying to undermine its competition, but increased alertness may be a good thing

"Kaspersky Lab tried to damage rivals in the marketplace by tricking their antivirus software programs into classifying benign files as malicious, according to two former employees."

So runs an exclusive run by Reuters, which claimed CEO and co-founder Eugene Kaspersky himself ordered some of the attacks as a covert, and rather underhand, way of fighting back against smaller antivirus companies encroaching on his company's turf.

Advertisement - Article continues below

According to one of the two former employees who provided the information to Reuters, "it was decided to provide some problems [for rivals]", but, they argued, such actions are "not only damaging for a competing company but also damaging for users' computers".

AVG and Microsoft, among others, had previously noted a campaign of creating so-called 'false positives', but had never pointed the finger at any particular culprit. Indeed, all competitors are being either circumspect in their response to the allegations, or are not commenting at all.

As for Kaspersky Lab, its CEO has hit out in a blog post, claiming the Reuters report is a complete fallacy.

"The article, filled with sensational -- false -- allegations, claims Kaspersky Lab (KL), creates very specific, targeted malware, and distributes it anonymously to other anti-malware competitors, with the sole purpose of causing serious trouble for them and harming their market share," said Eugene Kaspersky.

Advertisement - Article continues below
Advertisement - Article continues below

"Disgruntled ex-employees often say nasty things about their former employers, but in this case, the lies are just ludicrous ... the reality is that the Reuters story is a conflation of a number of facts with a generous amount of pure fiction," he added.

It is clear that Kaspersky feels both he and his company have been victimised and are being portrayed as the evil, scheming Russian baddies of Cold War fiction.

After all, this is not the first time "anonymous sources" have claimed Kaspersky Lab has been acting maliciously; earlier this year, Bloomberg claimed the company was in cahoots with the Kremlin (which is a little ironic, given what American tech firms are now known to have handed over to the NSA).

But is it all bad? Despite potentially causing a loss of trust between antivirus firms, could the events these claims centre around ultimately make the sector stronger?

Advertisement - Article continues below


The allegations largely focus around a period between 2012 and 2013, when anti-virus programs, including Kaspersky Labs' own, started flagging legitimate files as malicious.

This happened because an unknown actor was slightly modifying these files and flagging them to VirusTotal - a database of malware discovered by researchers that many anti-virus companies work from when creating their own databases.

This meant that, increasingly, software created by security firms, including Microsoft, AVG and Kaspersky Lab itself, was detecting and blocking genuine programs and data that it considered malicious.

A closed-door meeting between all the major industry players ironed sought to iron this issue out, and was quite effective.

And it had another knock-on effect, too.

Companies became less trusting in databases and more likely to do additional research into programs entered as malware. A lack of trust may not seem like a good thing, but blind faith certainly isn't helpful either.

Advertisement - Article continues below

Ultimately, this saga, whoever was behind it, may have made things better for consumers, and more difficult for malware authors. 

Was Kaspersky Lab behind the false positives? Was Kaspersky himself at the helm giving orders to scupper rivals? We have no proof either way, but my gut says no.

Like many others in both journalism and cyber security, I am wary of the Reuters claims due to the underlying essence of smear that taints them. What's really going on? Who knows an effort to muddy the waters for some reason, someone with a vendetta against the company, a complete misunderstanding of the work Kaspersky Lab has done in the area, notably in 2010 these are all possibilities.

It is also possible that the firm really is the evil empire, we just don't know. But, when it comes to anonymous sources, it's always worth adding a little pinch of salt when you imbibe the story.

Featured Resources

Preparing for long-term remote working after COVID-19

Learn how to safely and securely enable your remote workforce

Download now

Cloud vs on-premise storage: What’s right for you?

Key considerations driving document storage decisions for businesses

Download now

Staying ahead of the game in the world of data

Create successful marketing campaigns by understanding your customers better

Download now

Transforming productivity

Solutions that facilitate work at full speed

Download now


Google Android

Over two dozen Android apps found stealing user data

7 Jul 2020

University of California gets fleeced by hackers for $1.14 million

30 Jun 2020
cyber security

Australia announces $1.35 billion investment in cyber security

30 Jun 2020
cloud security

CSA and ISSA form cyber security partnership

30 Jun 2020

Most Popular

Careers & training

IBM job ad calls for 12-years of experience with six-year-old Kubernetes

13 Jul 2020
Business operations

Nvidia overtakes Intel as most valuable US chipmaker

9 Jul 2020
cyber attacks

Trump confirms US cyber attack on Russia election trolls

13 Jul 2020