Tag: Kaspersky

Kaspersky Lab partners with ThreatConnect

Security outfit Kaspersky is allowing its threat data feeds to become available through the ThreatConnect Platform to help businesses get a better idea of the threats.

The ThreatConnect Platform collates data from a range of different cybersecurity sources to give a watertight overview of the threat landscape for businesses.

Kaspsersky’s global revenue grows

US government spy stories have not been enough to scare off Kaspersky’s global customers.

Cybersecurity vendor Kaspersky reported annual revenue of $726 million for 2018, despite a downturn in sales in the North American market.

The figure represents four percent year-on-year global growth for the company, with all regions – apart from the North American market – reporting increased sales.

NCC Group update shows channel skills shortage

Cybersecurity outfit NCC Group has shared an interim first half update that exposes its problems finding those with security skills.

While everyone knows that there are problems with finding staff with the right stuff it has mostly been pitched as an “opportunity for the channel to fill the skills gap.”

The NCC report implies that even the channel is suffering too.

Kaspersky gets closer to Ingram Micro

Kaspersky and Ingram Micro have extended their distribution agreement to cover the entire EU and European Free Trade Association (EFTA) states.

This agreement means Ingram Micro is able to offer more customers access to Kaspersky-powered cybersecurity products through its own Cloud Marketplace. In return, Kaspersky will benefit from a wider distribution of its products and services throughout the Eurozone.

MSPs will now have access to software packages through the marketplace, which include Kaspersky security suites bundled with other software products.

It means that partners can use Ingram Micro’s tight integration with Office 365 and the Kaspersky Lab portfolio that have been engineered to work closely together and protect end users.

Russ Madley, head of B2B, Channel for UK and Ireland at Kaspersky Lab said: “We have worked with Ingram Micro for years across the world and are delighted that our partnership has been extended across Europe. This will mean that an increased number of users will have easy access to our security software – which continues to be the most independently tested and awarded solution and receive multiple accolades – through Ingram Micro’s Cloud Marketplace.”

It follows news that Kaspersky has now signed up 1,000 MSPs to its specialist partner programme in less than a year, despite growing international concern about the company’s alleged ties to the Russian government.

GNR Technology backs beleaguered Kaspersky

KASPERSKY-edGNR Technology will distribute the troubled security vendor Kaspersky in the UK.

For those who came in late, Kaspersky was accused of helping the Russians spy on US government networks. The US government ordered the removal of all Kaspersky products throughout the country.  Then the UK’s National Cyber Security Centre expressed a degree of concern over Kaspersky but stopped short of advising businesses and government departments to remove the vendor’s products.

While this is not the best time to add Kaspersky to your portfolio, particularly if you are a distributor who has come risen from the ashes of Entatech last year, but GNR has done just that.

According to Channelweb, GNR boss Dave Stevinson said that Kaspersky Lab is one of the world’s leading internet security vendors and there has been no actual evidence to back up the allegations.

He said that Kaspersky is a credible brand in the cybersecurity space and perfect for protecting critical infrastructure businesses.

Stevinson said that GNR was a specialised distributor with a focus on a limited number of brands. Kaspersky Lab and the cybersecurity space is an area where GNR has significant expertise coupled with a huge ambition to meet the shared business outcomes.

Kaspersky’s other UK distributors include Arrow, DSD Europe, Exertis, Tech Data, and Nuvias as, according to the Kaspersky website.

 

Goodnight Vienna as Kaspersky shuts Washington

white-houseKaspersky has shut its Washington office after the US government ordered all departments to remove the vendor’s software from its systems.

In September the US Department of Homeland Security gave government organisations 90 days to remove all traces of Kaspersky, citing “ties between certain Kaspersky officials and Russian intelligence”.

Kaspersky vice president Anton Shingarev is said to have confirmed the news in an interview in Moscow.

Shingarev slammed the US’s stance on cybersecurity compared with European governments.

“What I like about Europe is that their regulators are fact-driven”, he said, before accusing the US of making decisions based on “speculations”.

We guess he was not talking about the UK where the  UK’s National Cyber Security Centre (NCSC) advised that a government organisation should not use a Russian-based cybersecurity company if it is processing “secret” information.  It stopped short of advising all organisations to ditch Kaspersky completely.

In fact the NCSC said that it did not want people doing things like ripping out Kaspersky software at large, as it makes little sense.

The NCSC also said that it was working with Kaspersky to discuss whether a framework could be developed that will provide assurances of Kaspersky’s integrity to UK organisations.

In fact, the NCSC was talking about central government, which has a “relatively small” number of systems running Kaspersky.

Eugene Kaspersky slammed the media coverage following the NCSC’s advice, writing on Twitter that Kasperksy’s presence in the UK was not at risk.

On Twitter, he said: “Let me stress: there is no ban for KL (Kaspersky Lab) products in the UK.”

 

Kaspersky’s partners back the security outfit

40153923-1-kaspersky1Kaspersky has seen a flood of support from its distributers after the US government ordered its departments to remove all of its products within 90 days.

The US government’s Department of Homeland Security (DHS) yesterday released a statement saying the use of Kaspersky products carried “information security risks” to the government.

“The Department is concerned about the ties between certain Kaspersky officials and Russian intelligence and other government agencies, and requirements under Russian law that allow Russian intelligence agencies to request or compel assistance from Kaspersky and to intercept communications transiting Russian networks”,  the statement read.

“The risk that the Russian government, whether acting on its own or in collaboration with Kaspersky, could capitalise on access provided by Kaspersky products to compromise federal information and information systems directly implicates US national security.”

DHS also claimed that Russian law allows its intelligence services to “request or compel assistance from Kaspersky and to intercept communications transiting Russian networks”.

Kaspersky has denied any connection to the Russian government since July when Bloomberg claimed to have seen emails proving the vendor had been working with the Kremlin.

Bloomberg saw emails between founder Eugene Kaspersky and senior Kaspersky staff, discussing a cybersecurity project that was in development for the Russian FSB intelligence agency.

Kaspersky said it was disappointed with the US government’s decision.

“No credible evidence has been presented publicly by anyone or any organisation as the accusations are based on false allegations and inaccurate assumptions, including claims about the impact of Russian regulations and policies on the company. Kaspersky Lab has always acknowledged that it provides appropriate products and services to governments”, Kaspersky added.

Kaspersky’s distributors agree, saying that the whole thing has the smell of anti-Russian politics rather than meaningful security problems.

Dave Stevinson, managing director at Kaspersky partner GNR, said the US’ decision is driven by political motives, rather than technological motives.

“In my opinion, this is a political issue and unfortunately for Kaspersky they’ve been used as a pawn in Trump’s game against Russia,” he said.

Resellers say that in Europe there has been no reluctance from partners or customers to continue using Kaspersky products.

One ace card that Kaspersky did was offer to share the source code with the US spooks. If there were Russian interference that would have been obvious from the code.

The fact that the US government refused to take it and yet locked them out of US markets is probably a sign that they were not really interested in security.

Kaspersky warns MSPs need to improve security

securitySecurity outfit Kaspersky Labs has warned that there real dangers that some of the current security offerings from MSPs will fall short and leave users exposed to risks.

SMB Business head at Kaspersky Vladimir Zapolyansky said that for service providers, it’s not enough to simply have cybersecurity services in their portfolio. One damaging incident such as a ransomware infection can undermine their reputation and affect relationships with customers.

The security vendor found that 92 percent  of MSPs now include cybersecurity as part of the portfolio of services they offer and many believe that providing it gives them a better reputation.

Three quarters of those MSPs quizzed by the vendor also expected the provision of security services would gain them new customers as well as keeping existing accounts on board.

The study also revealed that MSPs listed security as one of the main concerns for their customers with many looking for a service that would block ransomware.

But skill shortages along with issues remotely deploying and managing security solutions are causing headaches.

The advice from Zapolyansky to MSPs was to choose security products that had been designed with an service provider in mind and were easy to deploy and manage.

The debate about the value of turning to an MSSP rather than MSP when it comes to security issues will run and run.

 

Kaspersky ends reseller contract with Quadsys

40153923-1-kaspersky1Russian security outfit Kaspersky Lab has told security reseller Quadsys to go forth and multiply after its company bosses admitted hacking rivals.

Quadsys owner Paul Streeter, MD Paul Cox, director Alistair Barnard, account manager Steve Davis and security consultant Jon Townsend pleaded guilty to securing unauthorised access to computer material, contrary to section 1 of the Computer Misuse Act 1990.

The five were charged in summer 2015 with hacking into a rival’s database to plunder customer information and pricing details. Sentencing is set for 9 September.

Quadsys, which was accredited as a Kaspersky Gold partner, the vendor’s top tier certification has moved to distance itself from the troubled outfit and has ended its business relationship with the company.

Others are expected to follow, but still have not gone on record.  Sophos had actually promoted Quadsys to its platinum certification on 1 August, just nine days after the Quadsys Five pleaded guilty at Oxford Crown Court.

Execs go as Kaspersky loses business

40153923-1-kaspersky1Two of Kaspersky Lab’s top US executives have cleaned out their desk after they failed to convince US government officials that not everyone in Russia is a pawn in Tsar Putin’s game.

The company’s leader of its North American operations and the head of a Washington-area office went as it struggles to win US government contracts.

Company Chief Executive Eugene Kaspersky confirmed the changes in an interview with Reuters during a visit to China but claimed the two personnel changes were unrelated.

Kaspersky said the North America head Christopher Doggett had gone to a competitor while Kaspersky “decided to change leadership in DC,” where the two-year-old office pursues work protecting government agencies and critical infrastructure.

Doggett and former Washington-area head Adam Firestone are not saying anything.

But the shakeup comes at a time when Kaspersky says it is hard for non-American security companies to win bids for federal jobs and big US corporate contracts. The Americans were not really loyal to any non-American products and only British companies are treated in the same way as the Americans.

Kaspersky has been the foremost researcher uncovering Western government spyware for the past several years. Earlier this year, it said it had itself been attacked by one of the most sophisticated strains uncovered to date, with an intrusion it hinted came from U.S. ally Israel.

Kaspersky has also come under US. scrutiny for other reasons after claims that it distributed malware samples that were designed to trigger false positives by rival companies, prompting them to isolate legitimate software on users’ computers. Kaspersky denied it.

But the stories apparently drew attention in the White House and intelligence agencies and decreased Kaspersky’s chances of getting significant government contracts.

Exertis becomes Kaspersky B2B distributor

40153923-1-kaspersky1Anti-virus outfit Kaspersky has named Exertis UK as its new B2B channel distributor.

Exertis will offer its reseller base Kaspersky’s range of value-add B2B products, including anti-virus, malware detection and firewalls.

Kaspersky said that the appointment followed a substantial growth in the UK B2B space over the last year.  It now has 250 new resellers registering as a partner, giving 582 in total.

The two firms already have an existing partnership in the consumer space space (B2C) but now Exertis can offer the security companies products to business-to-business resellers.

Kaspersky UK and Ireland MD Kirill Slavin said: “Protection is not just about patching on basic security for businesses today, it is about building cyber-resilience into the very heart of operations. There is an immense opportunity for the channel and we’re delighted to use Exertis  to bolster sales.

“Exertis brings two  distinct approaches to the market. Its value added distribution offering encompasses technical excellence and experience in the security arena. It can also help our business get further reach into the mass reseller community, a move which is invaluable for resellers and customers alike.”

Exertis VAD Solutions MD Grahame Smee said: “We’re looking forward to working with Kaspersky as it enters an exciting stage of growth in the channel.

“The cyber-threat landscape is evolving and this relationship will help us to deliver a value-add proposition for businesses from a company that is globally renowned for its knowledge and expertise in the cybersecurity arena.”

Kaspersky finds more US snoops

spyMoscow-based Kaspersky Labs has uncovered more evidence indicating that the US National Security Agency is behind a particularly successful hacking group.

“Equation Group” ran the most advanced hacking operation ever uncovered and was untouched for more than 14 years.

Kaspersky researchers did not say that the hackers were the NSA, saying only that the operation had to have been sponsored by a nation-state with nearly unlimited resources to dedicate to the project.

However the mountain of  evidence that Kaspersky provided  strongly implicated the spy agency.

The strongest new tie to the NSA was the string “BACKSNARF_AB25” discovered only a few days ago embedded in a newly found sample of the Equation Group espionage platform dubbed “EquationDrug.” “BACKSNARF,” according to page 19 of this undated NSA presentation, was the name of a project tied to the NSA’s Tailored Access Operations.

“BACKSNARF” joins a host of other programming “artifacts” that tied Equation Group malware to the NSA. They include “Grok,” “STRAITACID,” and “STRAITSHOOTER.” Just as jewel thieves take pains to prevent their fingerprints from being found at their crime scenes, malware developers endeavor to scrub usernames, computer IDs, and other text clues from the code they produce. While the presence of the “BACKSNARF” artifact isn’t conclusive proof it was part of the NSA project by that name, the chances that there were two unrelated projects with nation-state funding seems tiny.

The code word is included in a report Kaspersky detailing new technical details uncovered about Equation Group.

Among other new data included in the report, the timestamps stored inside the Equation Group malware showed that members overwhelmingly worked Monday through Friday and almost never on Saturdays or Sundays. The hours in the timestamps appeared to show members working regular work days, an indication they were part of an organised software development team.

The timestamps show the employees were likely in the UTC-3 or UTC-4 time zone, a finding that would be consistent with people working in the Eastern part of the US.

 

 

Western spooks behind Regin

 james_bond_movie_poster_006Security experts at Kaspersky Lab have discovered shared code and functionality between the Regin malware and a similar platform  in a newly disclosed set of Edward Snowden documents 10 days ago by Germany’s Der Spiegel.

The link, found in a keylogger called QWERTY allegedly used by the so-called Five Eyes, leads them to conclude that the developers of each platform are either the same, or work closely together.

Writing in their blog, Kaspersky Lab researchers Costin Raiu and Igor Soumenkov  said that considering the extreme complexity of the Regin platform there’s little chance that it can be duplicated by somebody without having access to its source codes.

They think that the QWERTY malware developers and the Regin developers were the same or working together.

The Der Spiegel article describes how the U.S National Security Agency, the U.K.’s GCHQ and the rest of the Five Eyes are allegedly developing offensive Internet-based capabilities to attack computer networks managing the critical infrastructure of its adversaries.

QWERTY is  a module that logs keystrokes from compromised Windows machines; Der Spiegel said the malware is likely several years old and has likely already been replaced.

Kaspersky researchers Raiu and Soumenkov said QWERTY malware is identical in functionality to a particular Regin plugin.

Raiu and Soumenkov said within QWERTY there were three binaries and configuration files. One binary called 20123.sys is a kernel mode component of the QWERTY keylogger that was built from source code also found in a Regin module, a plug-in called 50251.

Side-by-side comparisons of the respective source code shows they are close to identical and sharing large chunks of code.

Regin was discovered in late November by Kaspersky Lab and it was quickly labelled one of the most advanced espionage malware platforms ever studied, surpassing even Stuxnet and Flame in complexity. The platform is used to steal secrets from government agencies, research institutions, banks and can even be tweaked to attack GSM telecom network operators.

 

 

China bans Symantec and Kaspersky

great wallThe Chinese government has banned anti-virus companies Symantec and Kaspersky Lab from working on government contracts behind the bamboo curtain.

A Chinese media report suggested Beijing is expanding efforts to limit use of foreign technology and Symantec, which is owned by the US and Kaspersky, which has Russian owners are no longer allowed to apply for government contracts.

The state-controlled People’s Daily reported that government procurement office had approved the use five anti-virus software brands, all from China: Qihoo 360, Venustech, CAJinchen, Beijing Jiangmin and Rising.

Kaspersky is apparently not giving up and is going to have a word with the Chinese authorities about this matter. It is too premature to go into any additional details at this time.

Beijing is keen on promoting use of domestic information technology products after leaks from former National Security Agency contractor Edward Snowden raised concerns about foreign surveillance programmes.

Symantec said that that China had banned use of one of its data loss prevention products and it was currently in talks about the ban. However, a Symantec spokeswoman said that there was no indication of a ban on the company’s flagship anti-virus software programs.

In May Chinese authorities had banned government use of Windows 8 “to ensure computer security after Microsoft ended support for its Windows XP operating system”, which was widely used in China.

Intel doesn’t back Lady Geek dot com

Belinda ParmarA woman on the radio this morning hit out at womens’ magazines for not including enough information on gadgets and the like.

Belinda Parmar, the CEO of the agency with a website at ladygeek.com (pictured) said in a discussion on BBC Radio 4’s Today programme that technology “empowered” women and said magazines such as Glamour didn’t include enough features about tech.

The agency numbers among its clients Nokia, Dell, Microsoft, Sony, Vodafone,Kaspersky, Ubisoft and, er, the BBC. But not Intel.

According to its web page, 80 percent of all tech decisions are influenced by women but only three percent of advertising creative directors are women.

Technology is commoditised now so no one really cares about it anymore apart from Microsoft, Sony and the rest.