US banned last year anti-virus software use in state departments amid Russian espionage allegations
Exclusive: Kaspersky's talks with US over a data centre aimed to boost transparency falter
Moscow-based Kaspersky Lab has reached a stalemate in discussions with the US, its second-largest market after Europe, to open a data centre intended to address Western governments’ concerns about its alleged links to Russia’s espionage efforts.
“The dialogue in the US with the regulators is now frozen, so for us as a company, there’s no sense to open something which is not needed,” Anton Shingarev, vice-president of Kaspersky Lab’s public affairs, said in an interview in Abu Dhabi.
Although the probability of opening a data centre in the US, where the company is in a legal battle to maintain its presence in the market, is low, the company still wants to proceed.
The data centre is a facility where the company will open its products’ source code to independent third-party reviews by experts and governments to scrutinise its software for any security vulnerabilities.
In October, Kaspersky Lab embarked on a campaign to clear its name and dispel concerns about alleged collusion with the Russian government. It announced the Global Transparency Initiative to open data centres or the so-called Transparency centres in Asia, Europe, and North America but did not provide details at the time.
The global anti-virus software company is setting up data centres after the US, UK and Lithuania decided last year to ban its products in state departments handling sensitive data. It is the latest effort by Kaspersky to assuage the concerns of the US government and combat their and other countries’ allegations that Russia is using its anti-virus software to spy on customers. Kaspersky has strongly rejected the accusations and sued the Department of Homeland Security in a federal court in Washington in September.
Although its data centre plans in the US have hit a roadblock, the cyber-security company is forging ahead with projects in Europe and Asia.
A European data centre in Switzerland will be ready by year-end and Kaspersky is currently looking for “supportive” states in Asia where it could open several facilities, Eugene Kaspersky, chief executive and co-founder of Kaspersky Lab, said in an interview with The National. The company may open additional data centres in other regions if there is demand.
“We are flexible, if we see that it really works for us and if we see that we have requests from other regions, then we will open it in different areas as well,” Mr Kaspersky said during a visit to Abu Dhabi.
Losing state clients will cost the privately-held company a 10 per cent decline in its US revenue but the dip should be compensated by other regions, Mr Kaspersky said, declining to name specific markets.
“We see its going down, for how long, I don’t know because the impact we had last year was quite serious,” he said.
Global sales growth this year are expected to exceed the $698 million revenues in 2017 propelled by markets outside North America and the introduction of new products, he said, declining to provide a target figure.
“The target for this year is stable growth in all regions except North America, because we need to compensate the decline in the US, and until now the figures are very positive,” Mr Kaspersky said. “We’re growing and expecting to see growth this year, which is based on the rest of the world.”
Discussions in Asia for a data centre are promising and the company would accelerate the process depending on demand.
“We’re looking for partners, for states which will be supportive to us. If we see there are other partners that are interested in opening a centre in Asia, we’ll go for that. So it could be maybe not one, but several,” Mr Kaspersky said, declining to provide a timeline or size of investment.
Other transparency centres could crop up worldwide amid growing fears of cybersecurity risks among nations.
The company will hire an independent global audit company to review its internal procedures and engineering practises and is currently working on redesigning some of its R&D procedures, Mr Shingarev said. Kaspersky Lab has extended its “bug bounty” program whereby it will award up to $100,000 to anyone who detects a severe vulnerability in its products.
“We’re not going to give up because of the false accusations, we’re going to protect the business and we have a plan,” Mr Kaspersky said. “All this is false, there’s no proof at all, who are the victims, give me the names of the victims, there’s zero, nothing.”
The US ban caused concern about the company’s products in other markets, including the UK which only advised its government bodies against choosing Kaspersky software, according to a letter on its website.
The company has received questions from clients in Asia-pacific to the Middle East, Mr Shingarev said.
“Regulators in Asia Pacific are not worried about these allegations mostly, but still we’re in touch with them all the time,” Mr Shingarev said. “So far in the Middle East, our partners and government customers are satisfied with what we tell them.”
While talks in the US have stalled, dialogue with European regulators has been easier because they “are sticking to the facts” and the UK’s advisory has been “balanced,” Mr Shingarev said.
The company has received no response from Lithuanian authorities over the decision to ban its products and Kaspersky Lab is considering “legal options” but would rather resolve matters through constructive dialogue, Mr Shingarev said.
Suspicious politicians in the West have pointed out Mr Kaspersky’s education in Russia and the company’s alleged ties with the government.
“The truth is, yes I graduated as a cryptologist and software engineer from the KGB school, because cryptographic studies in soviet time was under this umbrella,” Mr Kaspersky said. “I got a mathematical education but they didn’t teach me to spy on people, we didn’t have this training.”
The company co-operates with the FSB, Russia’s intelligence unit that is also responsible for cyber-crime investigations, on high-profile cases and with the cyber police on low-level incidents, he said.
Mr Kaspersky, who has built the company over 20 years, says the crisis came as a shock and it’s been a difficult time.
Whether or not the company will recover from the political and media onslaught and come out unscathed is not a matter of debate for him.
“Yes of course, it’s not a question,” he said. “We are already doing that.”