An interesting change is taking place in the world of digital security. As it becomes more clear that nations around the world are constantly probing each other’s online assets, firms once aligned together against malware and nefarious hackers, are now backing their host nations, injecting the world of cybersecurity with a bizarre patriotic slant.
Take Kaspersky for example, which hit the headlines a lot lately with the announcement of several scandals involving US state sponsored hackers. However, as Reuters reports, it hasn’t been anywhere near as forthcoming with detailing similar sorts of attacks perpetrated by Russian security experts. For those playing along at home, Kaspersky is a Russian company.
The same sorts of political games are being played in the West too, with US firms CrowdStrike and FireEye recently unveiling hacking schemes from China and Russia, and yet they haven’t revealed anything about their host country’s actions, which get a continual drumming in the press thanks to revelations from Edward Snowden, who currently resides in Russia under a temporary visa.
Of course you could jump to conclusions that the world’s digital security firms are teaming up with their particular national intelligence agencies to provide expertise and resources for assessing the hacking capabilities and actions of foreign nations. It could also work the other way though, with intelligence agencies feeding stories or information to these particular companies to announce, thereby making the claims seem more legitimate.
However, Kaspersky specifically has been investigated in the past for its relationship with Russian intelligence agencies, with current chief executive Eugene Kaspersky known to have attended a KGB run school and the COO having a history in the Russian military. It however denied any claims it was tied to the national interests of any country.
If you were feeling less cynical though, it could be said that the reason these different companies are shining a light on campaigns by foreign nations, is because their biggest presence is in countries where those nations are likely to be conducting probing attacks on digital infrastructure. The US does like to look into what Russia is doing online and vice versa, so it’s not too surprising that companies based in those countries unearth those sorts of attacks.
Considering the information that goes on with US companies and intelligence agencies like the CIA and NSA though, it would be naive to assume that there is no collaboration going on within other countries too.
However, whether those sorts of relationships continue could be dependant on how those firms are treated. HDD manufactures are unlikely to be pleased about the NSA installing malware within their firmware and likewise if security firms were to lose business because of involvement with their host nation’s government, their response could be to become more agnostic.
KitGuru Says: Do you think digital security companies are heavily involved with national intelligence agencies? If so, does that mean you would trust a UK company more than one based overseas?