He also mentioned the claim in the story that his company was aggressive in its methods of hunting for new malware.
The WSJ report claimed that Russian government hackers had obtained details of how the US breaks into networks of other countries and also how it defends itself, through the theft of material that was moved by an NSA contractor from his office machine to his home computer.
Later in the story, a former NSA employee's quotes appeared to allege that Kaspersky's anti-virus software made copies of everything it found on a computer, adding that the software was "aggressive" in its malware hunting methods. All anti-virus software exhibits similar behaviour.
You expected him to apologize for his product detecting NSA's malware and reporting it? Or for idiots taking classified materials home?— Vess (@VessOnSecurity) 5 October 2017
Eugene agreed with this characterisation, but said it was a positive.
"We absolutely and aggressively detect and clean malware infections no matter the source and we have been proudly doing it for 20 years," he said.
"This is the reason why we consistently get top ratings in independent, third-party malware detection tests. We make no apologies for being aggressive in the battle against malware and cyber criminals – you shouldn’t accept any less. Period."
He questioned why, if Russian hackers had exploited a weakness in one of his products installed on a user's PC, and government agencies concerned with security knew about it, they did not inform his company to patch the bugs that had led to the exfiltration of data.
"We patch the most severe bugs in a matter of hours, so why not make the world a bit more secure by reporting the vulnerability to us? I can’t imagine an ethical justification for not doing so," he said.
In what appeared to be a reference to the Stuxnet virus — allegedly created by US and Israeli programmers to subvert Iran's nuclear programme — as well as the current claims, Eugene wrote:
"In the end, I can’t shake off a disturbing thought: that the security of millions could be compromised yet again at the snap of a finger of an insider and in spite of the greatest technologies and measures, by the oldest threat actor — a $5 USB stick and a misguided employee."
Stuxnet was discovered by Sergey Ulasen (correction) in 2010; he joined Kaspersky Lab a year later. The virus was infiltrated into the Iran nuclear labs through an USB drive as the lab was not connected to any external network.