In 2017, a notorious ransomware outbreak hit several large organisations globally. The attack came on the heels of a big WannaCry attack. Some cybersecurity experts suggested the cyberattack could be a new variant of the WannaCry ransomware or some form of Petya attack.
One cybersecurity firm had a different view. In its blog, the following day, it noted that the attack could be the work of a new malware that is different from all earlier known types of Petya.
The cybersecurity firm named the malware ‘NotPetya’, and put it under a separate malicious software family: wiper.
Perpetrators of a wiper attack are interested in deleting all the data from the victim’s computer. That means, any payment made in return for the stolen data is a waste.
A year later, the U.K. decided to name the perpetrator of the NotPetya attack. It accused Russia for launching the malware that specifically targeted organisations in Ukraine and Europe.
“The attack showed a continued disregard for Ukrainian sovereignty. Its reckless release disrupted organisations across Europe costing hundreds of millions of pounds,” Foreign Office Minister for Cyber Security Lord Tariq Ahmad of Wimbledon said in a statement.
The blog that led to the accusation was put out by Kaspersky. The Moscow-headquartered anti-virus firm did not name the perpetrator as Russia, but merely put out details of the exploit and NotPetya’s modus operandi.
Just a year earlier, the Russia-based firm received a cold reception across the Atlantic. The U.S. government unchecked it from the approved list of vendors used by federal agencies amid concerns the firm’s software could be used by the Kremlin to enter American networks.
The move to delist Kaspersky arose from the suspicion that the organisation could be compelled to assist Moscow to intercept communication transiting Russian networks.
Kaspersky was given an opportunity to present a written argument along with evidence that could assuage concerns of the federal authorities. The company immediately responded, and it was kept active in the U.S.
Now, as Russia’s invasion into Ukraine continues, Kaspersky is once again put under the geopolitical spotlight.
Last Friday, the Federal Communications Commission (FCC) added Kaspersky Lab to its list of communications equipment and service providers deemed threats to the U.S. national security. This is the first time a Russian firm has been added to the list.
The anti-virus software maker said it was “disappointed” with the FCC’s action, and called “a response to the geopolitical climate rather than a comprehensive evaluation of the integrity of Kaspersky’s products and services.”
According to several reports, Kaspersky’s products score high in reference test conducted at four top antivirus labs, including AV-Test Institute based in Germany. Also, several experts worldwide agree that company’s antivirus software does an excellent job of protecting computers.
And that is why Kaspersky’s situation looks like a what the company said about itself five years ago, that it is “caught in the middle of a geopolitical fight where each side is attempting to use the company as a pawn in their political game.”