Article Details

Kaspersky challenges US government to prove case over hacking claims. Proposes 'comprehensive assessment framework' to check and verify. Kaspersky has hit back after the US government banned its products by proposing independent verification. The embattled Russian antivirus maker pledged to comply with US Department of Commerce rulings on its software but also maintained that the Feds' June decision to ban its products in America is purely political. "To respond to the US authorities' concerns, the company has proposed a comprehensive assessment framework providing for the verification of its solutions, database updates, threat detection rules by an independent trusted reviewer," the statement said. The infosec shop is referring to its Global Transparency Initiative, which Kaspersky rolled out in 2017 in response to the earlier ban of its tech on US government systems.  The US Department of Homeland Security issued the edict to ban Kaspersky on government networks, citing the company's alleged ties to the Kremlin. In response, the software maker offered to open up its source code for third-party review. The Register has asked Kaspersky for more information about the framework to verify its products and threat-detection rules. We also asked the Commerce Department for more detail, but have not received a response.  Today's statement, however, indicates that the Feds didn't look favorably on this proposal. "Kaspersky maintains that the US Department of Commerce decision was based on the geopolitical climate rather than on the evaluation of the integrity of the company's solutions and deprives US users and companies of best in class protection," the statement said. The firm also said it has stopped sales of new contracts of its anti-virus software and security products in the US ahead of the Commerce Department's July 20 end-date. Earlier in the week, Kaspersky confirmed that it would "gradually wind down" its US operations and eliminate fewer than 50 positions. Plus, in today's statement, it acknowledged that Kaspersky will be prohibited from providing antivirus signature updates and codebase updates to US consumers and businesses after September 29. "Kaspersky's informational or educational products and services such as Kaspersky Threat Intelligence and Kaspersky Cybersecurity Training, as well as Kaspersky consulting or advisory services (including SOC Consulting, Security Consulting, Ask the Analyst, and Incident Response) will continue to be available in the US market," according to the statement. "Kaspersky remains strong in its ongoing support for its customers and partners worldwide providing leading cybersecurity solutions," it continued. "The company stays dedicated to delivering top-tier cybersecurity technologies, recognized for their excellence through numerous independent awards and third-party audits. Kaspersky will continue to deliver on its mission of building a safer world." Yesterday, Russian biz said it would give US customers six months of security updates for free as a parting gift.