Kaspersky Company Brief










PDF version of this report
You must have Adobe Acrobat reader to view, save, or print PDF files. The reader
is available for free
download
.

Company Brief
Kaspersky 

by Karen Spring

Docid: 00021089

Publication Date: 1909

Report Type: VENDOR

Preview

Kaspersky is a cybersecurity company based in Russia but with operations
around the world. It develops and markets its cybersecurity software, solutions,
and services to protect organizations from next generation and advanced
threats. Aside from its products, Kaspersky is well-known for its
threat research and has uncovered numerous nation-state and global cyberspy
threat entities including Duqu, Black Energy, and Sofacy. Although the US has
banned the usage of all Kaspersky products in government networks and systems
due to the company’s possible ties to the Russian government, Kaspersky and its CEO Eugene Kaspersky
deny these claims. 

Report Contents:

Fast Facts

[return to top of this report]

Name: Kaspersky
Worldwide Headquarters
39A/3 Leningradskoe Shosse
Moscow, 125212 Russian Federation
Phone:
+7-495-797-8700
Fax: +7-495-797-8709
Email: info@kaspersky.com 
Web: https://www.kaspersky.com/

US Headquarters
500 Unicorn Park, 3rd Floor
Woburn, MA 01801
Phone: (866) 328-5700
Fax: (781) 503-1818
Email: info@kaspersky.com 
Web: https://usa.kaspersky.com/ 
Founded: 1997 
Service Areas:
Enterprise, Cybersecurity


History

[return to top of this report]

Founded in 1997 in Moscow by Eugene Kaspersky, Natalya
Kaspersky, and Alexey De-Monderik, Kaspersky expanded into North America in 2004. The
company develops and markets its cybersecurity products, including antivirus,
endpoint management, sector-specific solutions, and other offerings. Additionally, Kaspersky’s team of
security researchers report on and assess the latest cyber threats such as
ransomware, cryptocurrency mining malware, botnets, banking Trojans, and the
hacker underground. This group, known as GReAT (Global Research and Analysis
Team), consists of more than 40 security experts around the world who deliver
anti-threat intelligence. GReAT has uncovered some of the most sophisticated
threats and threat entities, including Flame, miniFlame, DarkHotel, Epic Turla,
Equation, Duqu 2.0, Sofacy (also known as Fancy Bear), CozyDuke (also known as
Cozy Bear), Black Energy, and more – many of which are nation-state entities
infiltrating organizations for cyber espionage purposes. 

Kaspersky is among the world’s largest privately owned security companies, operating
in 200 countries around the globe, and has over 4,000 security specialists. The
company’s portfolio delivers security and protection for consumers, small
companies, medium-sized organizations, and enterprises. Eugene Kaspersky is
the firm’s CEO. 

Key Executives

[return to top of this report]

Kaspersky is led by the following individuals. 

CEO: Eugene Kaspersky 

Chief Operating Officer: Andrey Tikhonov

Chief Legal Officer: Igor Chekunov

Chief Sales Officer: Alexander Moiseev

Chief Human Resources Officer: Marina Alekseeva

Chief Technology Officer: Andrey Efemov

Corporate Advisor: Alexey De-Monderik

Its local management team for North America comprises the following
personnel. 

EVP, Finance and Operations: Angelo Gentile

Legal Counsel: Trina Sen

VP, Head of Digital Sales: Brian Anderson

VP, Support and Services: Anthony Bellia

VP, Enterprise Sales: Rob Cataldo

VP, Pre-Sales and Systems Engineering: Ori Ammar

Head of Corporate Communications: Sarah Kitsos

VP, Human Resources: Alena Reva

Head of SMB and Channel Sales: Matt Courchesne

Head of IT Service Desk: Jim Moffitt

Major Products

[return to top of this report]

Kaspersky offers products and services for consumers, small businesses
with up to 50 employees, medium-sized organizations with up to 999 employees,
and enterprises. The vendor’s enterprise security portfolio is quite
comprehensive and protects infrastructure from malware and other types of
threats that could result in breaches. Table 1 depicts Kaspersky’s main
enterprise product lines. 

Table 1.
Kaspersky Main Products and Services

Product/Service

Description

Endpoint Security

Protects against next generation threats, including known, unknown and
advanced through consistent security layering and machine learning to reduce
the attack surface. Kaspersky Endpoint Security is a fully scalable platform
offering the following benefits: 

  • Threat protection
  • Endpoint control
  • Server protection
  • Anti-ransomware
  • Process and memory protection
  • Patch and vulnerability management
  • GDPR compliance
Embedded Systems Security

Kaspersky protects Windows-based embedded systems from threats that can exploit
critical data. Offering protection for systems running end-of-life operating
systems like Windows XP is another Kaspersky feature. 

  • Application and device controls
  • Anti-malware and memory protection
  • File integrity monitoring and log audit
Hybrid Cloud Security

Secures applications and data for physical, virtual, and cloud workloads.
Kaspersky’s Hybrid Cloud Security seamlessly manages all on-premise and in the
cloud assets through a single console and provides multi-layered protection.

Anti Targeted Attack Platform

Detects targeted attacks and advanced threats, recognizes already
compromised machines, and provides threat management and multi-layered
preventative technologies. The platform’s main features include: 

  • Visibility and internal and external monitoring
  • Multi-dimensional threat detection
  • Advanced threat prevention and response

Endpoint Detection and Response

Kaspersky scans endpoints to identify threats and indicators of compromise
that can breach data and networks. Uses a single interface to fulfill
security tasks. 

  • Automated threat identification
  • Endpoint visibility
  • Threat hunting, incident management, and response processes

Security for Microsoft 365 

Uses heuristics, sandboxing, and machine learning techniques to protect
Office 365 fro phishing, ransomware, malicious attachments, spam, and
business email compromises. 

  • Phishing and malware protection
  • Multiple threat detection methods

Industries

Kaspersky offers customized security applications for the following
sectors: 

  • Industrial control system environments
  • Financial services
  • Healthcare
  • Transportation
  • Retail 
  • Telecom

Services

Kaspersky’s enterprise services are designed to predict, prevent, detect,
and respond to cyber attacks and threats. Services include: 

  • Cybersecurity
  • Security Awareness
  • Premium Support
  • Professional Services
  • Threat Intelligence
  • Security Assessment
  • Threat Hunting
  • Incident Response
  • Security Training

Major Competitors

[return to top of this report]

The cybersecurity market is jammed with vendors who have various products,
services, and solutions to combat next generation threats and the newest
exploits. Kaspersky  is considered a market leader in many security areas,
but it faces a great deal of competition from the following companies: 

Bitdefender: https://www.bitdefender.com/ 
Check Point Software: https://www.checkpoint.com/ 
Cisco: https://www.cisco.com/ 
ESET: https://www.eset.com/ 
F-Secure: https://www.f-secure.com/ 
McAfee: https://www.mcafee.com/ 
Microsoft: https://www.microsoft.com/ 
Palo Alto Networks: https://www.paloaltonetworks.com/ 
Sophos: https://www.sophos.com/ 
Symantec: https://www.symantec.com/ 
Trend Micro: https://www.trendmicro.com/ 

Recent Activity

[return to top of this report]

Kaspersky, its products, and its CEO have come under intense scrutiny
by US federal officials as well as governments in other nations. This
stems from Eugene Kaspersky’s previous work with Russian military intelligence –
some publications have warned that Kaspersky had worked for the KGB (a claim
that the company vehemently denies) – and US officials became alarmed that Kaspersky
software was being used to surreptitiously collect data and send
it to the Russian government for espionage purposes. In 2017, it was reported
that Russian hackers infiltrated a National Security Agency (NSA) contractor’s
computer that was running Kaspersky software to steal classified government
data.1 Days later, a new story broke: Israeli cyber intelligence
officials, who had hacked into Kaspersky’s network, observed Russian hackers
inside the vendor’s own network searching for information on American
intelligence programs. The Israeli hackers contacted US government officials and
reported their findings – the Russian cyber thieves hacked the NSA contractor’s
home computer and stole the classified data, knowing that the employee had used
Kaspersky cybersecurity software. That software – like most antivirus products –
scans the entire computer system to identify threats and malware and has access
to every file and directory. This gave the Russian hackers the perfect
exploitative environment to glean details about sensitive US government data.2

The Department of Homeland Security banned Kaspersky products at all
federal agencies, saying, "This action is based on the information security
risks presented by the use of Kaspersky products on federal information
systems… The risk that the Russian government, whether acting on its own or in
collaboration with Kaspersky, could capitalize on access provided by Kaspersky products to compromise federal information and information systems directly
implicates US national security."3  Kaspersky rejected
the allegations and responded by saying that its products and solutions
"are designed to protect against cybercriminals and malicious threat
actors, not enable attacks against any organization or entity. The company does
not develop any offensive techniques and has never helped, or will help, any
government in the world in their offensive efforts in cyberspace."

The company’s statement did little to thwart the US government’s offensive.
In December 2017, President Donald Trump signed legislation banning the use of
any Kaspersky products within the government. The law applies to both
military and civilian networks. Kaspersky turned around and sued Trump’s
administration but both of those cases have since been dismissed. There’s been
talk that the US may eventually decide to prohibit the company’s products
nationwide, essentially booting Kaspersky’s operations from the country. The
United Kingdom followed the US initiative and prohibited the use of Kaspersky
products on its government networks. Citing Russia’s attacks on UK cyberspace
interests, the Government Communications Headquarters’ National Cyber Security
Centre made this statement, "…we advise that where it is assessed that
access to the information by the Russian state would be a risk to national
security, a Russia-based AV (antivirus) company should not be chosen. In
practical terms, this means that for systems processing information classified
SECRET and above, a Russia-based provider should never be used… we are in
discussions with Kaspersky… about whether we can develop a framework that
we and others can independently verify, which would give the Government
assurance about the security of their involvement in the wider UK market. In
particular, we are seeking verifiable measures to prevent the transfer of UK
data to the Russian state."

Kaspersky went ahead and launched a Global Transparency Initiative as a
way to try and earn back the trust of the US government and other entities. As
part of the initiative, the company’s source code, which is used in its
software, is made available for assessment by an independent entity. Kaspersky
also established three Transparency Centers in Malaysia, Madrid, and Zurich in an effort to move some of its main operations out of Russia and have
those activities monitored by independent third parties. By the end of 2019, a data center will open
in Zurich and will store and process information for users in North America,
Europe, Singapore, Australia, Japan, South Korea, and other nations. Zurich will
also house Kaspersky’s "software build conveyer," a programming
toolset that is used to assemble software from source code. 

As if Kaspersky hasn’t received enough heat over the past few years, a
researcher uncovered a critical issue with the vendor’s antivirus software. The
antivirus injected a unique identifier into the HTML source code for every site
that a user visited regardless of which browser was used. This identifier could
be abused for tracking purposes. Ronald Eikenberg, the researcher who made the
discovery, said, "To investigate, I experimented with Web browsers Firefox,
Edge, and Opera. Again, the same line of code popped up everywhere. Since I had
no suspicious browser extensions installed which could be responsible, the
simple conclusion was that Kaspersky’s virus protection was manipulating my
traffic. Without my permission, it was injecting that code. Before that day, I
had observed such behavior only from online banking Trojans."4
Eikenberg notified Kaspersky and learned that this issue had been introduced in
the vendor’s 2016 antivirus editions, which debuted in the fall of 2015.
Millions of users have been affected. Kaspersky told Eikenberg that "such
an attack is too complex and not profitable for cybercriminals, and therefore
unlikely to happen" but the researcher says that this is far from the truth
and could certainly be used by criminals to spy on people.5  In
June 2019, Kaspersky patched this issue. 

After more than 22 years, the vendor, which had previously done business as
"Kaspersky Lab," dropped the Lab from its name. The new branding is
intended to shift Kaspersky’s focus from "cybersecurity" to what it
considers "cyber-immunity," which involves a protective ecosystem that
alleviates threats from all connections. 

References

[return to top of this report]

1 Gordon Lubold and Shane Harris. "Russian Hackers Stole NSA
Data on US Cyber Defense." The Wall Street Journal. October 5,
2017. 

2 Nicole Perlroth and Scott Shane. "How Israel Caught
Russian Hackers Scouring the World for US Secrets." The Wall Street
Journal
. October 10, 2017. 

3 Asha McLean. "Homeland Security Bans Kaspersky Lab Software Across US Government." ZDNet. September 13, 2017. 

4 Ronald Eikenberg. "Kasper-Spy: Kaspersky Anti-Virus Puts
Users at Risk." c’t Magazin. August 15, 2019. 

5 Ibid. 

About the Author

[return to top of this report]

Karen M. Spring is a staff editor for Faulkner Information
Services, tracking several high-tech industries. She has research experience in
various topics including network security, data breaches, malware, public
safety, business continuity and resilience and vulnerabilities. She has written
on high-tech topics for publications in the k-12 and higher education industry.
Ms. Spring started her career as a marketing specialist for two computer
distributors, working closely with such clients as 3Com, IBM, Okidata, Unisys,
and Acer. 

[return to top of this report]