Kaspersky Lab Seeks To Restore Reliability By Opening Software to Review
Moscow-based Kaspersky Lab will ask independent parties to review the security of its anti-virus software, which the U.S. government has said could jeopardize national security.
The cyber security vendor said in a statement that it would submit the source code of its software and future product updates for review by a broad cross-section of computer security experts and government officials.
It also vowed to have outside parties review other aspects of its business, including software development. Reviews of its software, which is used on some 400 million computers worldwide, will begin by the first quarter of next year, it said.
"We've nothing to hide," Chairman and CEO Eugene Kaspersky said on Monday. "With these actions we'll be able to overcome mistrust and support our commitment to protecting people in any country on our planet."
Kaspersky said that the revieweres would have strong software security credentials and be able to conduct technical audits, source code reviews and vulnerability assessments.
The company also plans to open "transparency centers" in Asia, Europe and the United States where customers, governments and others can access results of the outside reviews and discuss any concerns about the security of Kaspersky products.
It also said it would expand a program where it pays independent security researchers to find security vulnerabilities in its products, boosting the maximum award size to $100,000 from $5,000.
U.S. President Trump's administration last month barred government agencies from using Kaspersky Lab anti-virus products. The U.S. Senate voted to back the plan.
Israeli intelligence officials said they had found Russian government hackers using Kaspersky antivirus software to steal spy secrets from the U.S. National Security Agency, according to reports this month in major U.S. media.
Kaspersky has repeatedly denied those allegations, saying it has not helped Russia or other governments engage in espionage and that it is simply caught up in a wider geopolitical spat between Moscow and Washington following allegations Russian hackers interfered in last year's U.S. elections.