Security Market Segment LS
Friday, 05 April 2019 10:30

Kaspersky unlikely to reveal details of American APTs at summit

By
Kaspersky unlikely to reveal details of American APTs at summit Image by Stefan Schweihofer from Pixabay

ANALYSIS Predicting the future is generally a game for mugs but it is possible to say with a high degree of certainty that there will be no details of any American advanced persistent threats or APTs unveiled during Kaspersky Lab's annual Security Analyst Summit that kicks off in Singapore on Monday.

The company generally keeps a big story under its hat and releases it at the summit in order to squeeze maximum coverage out of it – all tech conferences are held to have a good time, but publicity is the main game, so this is not unusual.

Last year, Kaspersky Lab released details about Slingshot, malware that infects Windows systems via routers and which it claimed had been used for cyber-espionage from at least 2012 until February 2018.

Hardly a fortnight had gone by after the announcement, when the website CyberScoop, which lives mostly on a dripfeed of leaks from the US intelligence community, claimed that Slingshot was a US military program run by the Joint Special Operations Command, a part of the Special Operations Command. It said Slingshot was used by US military and intelligence personnel to collect information about terrorists.

For some, that was seen as a parting shot by Kaspersky Lab as payback for the US banning its software from use in the public sector and also putting pressure on outlets like Best Buy to stop selling its products.

For its part, Kaspersky Lab denied it had any previous knowledge that Slingshot was a US Government operation.

But now, with the company on a different trajectory and the whole US affair behind it, it is highly unlikely that it will again do what seems to have irritated American intelligence agencies in the first place: reveal APTs which the government has put in place for cyber warfare against other countries.

That the US moves against Kaspersky Lab were dissimilar to its actions against companies like the Chinese telecommunications equipment vendor Huawei is evident from the fact that Washington did not try to get any country it considers an ally to ban the use of Kaspersky products. The ban was only pursued within the US.

But it came after a series of events, the culmination being the leaking on the Web of a number of Windows exploits from the NSA by a group known as the Shadow Brokers in 2016.

Kaspersky Lab researchers are generally accepted to be at the top of the security game and they have revealed a number of nation-sate activities, beginning with the attempted hack in 2014 by the UK's GCHQ of a Belgian telecommunications provider.

In 2015, Kaspersky exposed a group it called the Equation Group, which has been long rumoured to be an internal NSA unit.

The company also detailed how the Stuxnet operation was carried out to cripple Iran's nuclear reactors. Stuxnet was discovered by Sergey Ulasen in 2010; he joined Kaspersky Lab a year later. The virus was infiltrated into Iran's nuclear labs through an USB drive as the lab was not connected to any external network.

Israeli Government hackers breached the Kaspersky network in 2014; after the company found out in 2015, it wrote a long, detailed analysis of the incident.

In 2016, following the election of US President Donald Trump, there was general anti-Russian hysteria in the US. And then came the Shadow Brokers' leaks.

Kaspersky Lab was tied to the Brokers through claims in the three main US mainstream newspapers — The New York Times, The Wall Street Journal and the Washington Post — all based on anonymous sources.

What happened after that is well known. The US Government banned the use of Kaspersky Lab products in the public sector and Kaspersky was gradually forced to close its Washington office. Taking legal action did not help and all Kaspersky's efforts were in vain.

The big story for this year's summit — a sophisticated supply chain attack which used the live update utility that comes on hardware made by ASUS — was leaked to a freelancer, Kim Zetter, last month. But the gloss was taken off what was claimed as a scoop, when Kaspersky Lab published a blog post about the attack just hours after the so-called exclusive was put online.

More details about this attack have been promised at the summit, but the main course has already been sampled.

Given all the pain it has been subjected to since the Shadow Brokers' leaks, it is unlikely that Kaspersky Lab will ever go down the path of releasing anything that remotely looks like an American APT – though its customers who pay for security news may well be told of such malware, though not of its origins.

BUSINESS WORKS BETTER WITH WINDOWS 1O. MAKE THE SHIFT

You cannot afford to miss this Dell Webinar.

With Windows 7 support ending 14th January 2020, its time to start looking at your options.

This can have significant impacts on your organisation but also presents organisations with an opportunity to fundamentally rethink the way users work.

The Details

When: Thursday, September 26, 2019
Presenter: Dell Technologies
Location: Your Computer

Timezones

QLD, VIC, NSW, ACT & TAS: 11:00 am
SA, NT: 10:30 am
WA: 9:00 am NZ: 1:00 pm

Register and find out all the details you need to know below.

REGISTER!

ADVERTISE ON ITWIRE NEWS SITE & NEWSLETTER

iTWire can help you promote your company, services, and products.

Get more LEADS & MORE SALES

Advertise on the iTWire News Site / Website

Advertise in the iTWire UPDATE / Newsletter

Promote your message via iTWire Sponsored Content/News

Guest Opinion for Home Page exposure

Contact Andrew on 0412 390 000 or email [email protected]

OR CLICK HERE!

Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

VENDOR NEWS & EVENTS

REVIEWS

Recent Comments