The ongoing spat between US and Russian intelligence has dragged a lot of tech companies into the fray, including Google and Facebook, but the worst hit so far has been Kaspersky Lab, for obvious reasons. The Moscow-based security companies is one of the world’s top cybersecurity vendors, according to research firm Gartner, and its alleged links to the Kremlin as well as Russian law allowing monitoring of data transmissions have put it under the spotlight more than other companies.
While Kaspersky has repeatedly denied all allegations, as has the Kremlin, US lawmakers are still skeptical despite the company agreeing to release its source code to independent reviewers from the software community as well as government bodies.
According to Rodney Joffe, who is an advisor to the US FCC and senior vice president at Neustar, an online identity management company:
“A good start would be a release of the source code for the products already out there, that matches the actual installed code base.”
This is exactly what Kaspersky is proposing to do.
However, Democratic Senator Jeanne Shaheen, who was one of the people responsible for Trump’s administration requiring all governmental agencies to remove Kaspersky software from their systems and networks, the source code review was merely “a red herring that doesn’t address any of the fundamental underlying concerns with Kaspersky products.”
Michael Hayden, former NSA director, is calling Kaspersky’s move “a dramatic step forward, but not necessarily sufficient.”
Kaspersky Lab is also doing other things, among which one initiative is to boost its maximum bug bounty from the current $5,000 up to $20,000. It is also opening “transparency centers” in the US, Europe and Asia where governments and consumers can access the results of the outside reviews, and ask the company to address any additional concerns they may have.
But is all this enough to remove the seed of doubt that’s been sown in the American public’s minds? Hardly. If key lawmakers are still skeptical, there’s no reason why the average voter won’t remain so. As long as the influence of the Russian government and its agencies is still in question, Russian companies like Kaspersky Lab that do business in the United States will continue to live under a shadow.