Kaspersky offered third-party review of code before ban from US markets
Russian cybersecurity firm offers independent third-party review of its code
Following the US ban on Kaspersky products and subsequent updates to its software, the Moscow-based antivirus company has revealed it had offered a third-party review into its code in an effort to convince the country's government to allow it to continue operating in US markets.
The company proposed a “comprehensive assessment framework” to show the Kremlin does not have access to its software.
However the proposal was rejected by the US, Kaspersky says (via TheRegister).
US remains unconvinced
Kaspersky has not been dismayed by the rejection, and hopes to continue its push to prove it is not a national security concern and re-enter the US markets that accounted for just under 10% of its global revenue in 2023.
A blog post shared by CEO Eugene Kaspersky looked to reassure US that its proposed assessment framework “can address most ICT supply chain risks relating to product development and distribution in an effective and verifiable manner.”
“These are in fact the mitigation measures we've submitted in a proposal for discussion to the US Department of Commerce – once again confirming our openness to dialogue and determination to provide the ultimate level of security assurances,” the statement continued, before concluding with, “However, our proposal was simply ignored.”
The assessment criteria proposed by Kaspersky would examine local data processing, and ensure that data processed in the US would remain in the US to reassure authorities that the Kremlin would not be able to get its hands on it.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
The criteria would also ensure that data processed by Kaspersky would not include any personal information of its customers. Kaspersky’s threat database would also be under scrutiny to ensure that the updates it pushes for its software do not include anything suspicious. All three of these processes would be overseen by an independent third party.
Speaking on the proposed framework, Kaspersky VP of Public Affairs Yuliya Shlychkova said, “It's important that it's a two-way stream. One way is what data is being sent to Kaspersky solutions, and another stream is what data is being pushed from Kaspersky solutions towards users, and both streams are being checked by the third-party reviewers.”
In an effort to underline its commitment to remaining a neutral party despite recently increased tensions between the US and Russia, Kaspersky has also offered the same framework to the EU as a show of good faith.
More from TechRadar Pro
- These are the best internet security suites
- Kaspersky gives US customers six months free security software as a farewell
- Take a look at our guide to the best parental control apps
Benedict has been writing about security issues for over 7 years, first focusing on geopolitics and international relations while at the University of Buckingham. During this time he studied BA Politics with Journalism, for which he received a second-class honours (upper division), then continuing his studies at a postgraduate level, achieving a distinction in MA Security, Intelligence and Diplomacy. Upon joining TechRadar Pro as a Staff Writer, Benedict transitioned his focus towards cybersecurity, exploring state-sponsored threat actors, malware, social engineering, and national security. Benedict is also an expert on B2B security products, including firewalls, antivirus, endpoint security, and password management.