Security Market Segment LS
Friday, 05 April 2019 10:30

Kaspersky unlikely to reveal details of American APTs at summit

Kaspersky unlikely to reveal details of American APTs at summit Image by Stefan Schweihofer from Pixabay

ANALYSIS Predicting the future is generally a game for mugs but it is possible to say with a high degree of certainty that there will be no details of any American advanced persistent threats or APTs unveiled during Kaspersky Lab's annual Security Analyst Summit that kicks off in Singapore on Monday.

The company generally keeps a big story under its hat and releases it at the summit in order to squeeze maximum coverage out of it – all tech conferences are held to have a good time, but publicity is the main game, so this is not unusual.

Last year, Kaspersky Lab released details about Slingshot, malware that infects Windows systems via routers and which it claimed had been used for cyber-espionage from at least 2012 until February 2018.

Hardly a fortnight had gone by after the announcement, when the website CyberScoop, which lives mostly on a dripfeed of leaks from the US intelligence community, claimed that Slingshot was a US military program run by the Joint Special Operations Command, a part of the Special Operations Command. It said Slingshot was used by US military and intelligence personnel to collect information about terrorists.

For some, that was seen as a parting shot by Kaspersky Lab as payback for the US banning its software from use in the public sector and also putting pressure on outlets like Best Buy to stop selling its products.

For its part, Kaspersky Lab denied it had any previous knowledge that Slingshot was a US Government operation.

But now, with the company on a different trajectory and the whole US affair behind it, it is highly unlikely that it will again do what seems to have irritated American intelligence agencies in the first place: reveal APTs which the government has put in place for cyber warfare against other countries.

That the US moves against Kaspersky Lab were dissimilar to its actions against companies like the Chinese telecommunications equipment vendor Huawei is evident from the fact that Washington did not try to get any country it considers an ally to ban the use of Kaspersky products. The ban was only pursued within the US.

But it came after a series of events, the culmination being the leaking on the Web of a number of Windows exploits from the NSA by a group known as the Shadow Brokers in 2016.

Kaspersky Lab researchers are generally accepted to be at the top of the security game and they have revealed a number of nation-sate activities, beginning with the attempted hack in 2014 by the UK's GCHQ of a Belgian telecommunications provider.

In 2015, Kaspersky exposed a group it called the Equation Group, which has been long rumoured to be an internal NSA unit.

The company also detailed how the Stuxnet operation was carried out to cripple Iran's nuclear reactors. Stuxnet was discovered by Sergey Ulasen in 2010; he joined Kaspersky Lab a year later. The virus was infiltrated into Iran's nuclear labs through an USB drive as the lab was not connected to any external network.

Israeli Government hackers breached the Kaspersky network in 2014; after the company found out in 2015, it wrote a long, detailed analysis of the incident.

In 2016, following the election of US President Donald Trump, there was general anti-Russian hysteria in the US. And then came the Shadow Brokers' leaks.

Kaspersky Lab was tied to the Brokers through claims in the three main US mainstream newspapers — The New York Times, The Wall Street Journal and the Washington Post — all based on anonymous sources.

What happened after that is well known. The US Government banned the use of Kaspersky Lab products in the public sector and Kaspersky was gradually forced to close its Washington office. Taking legal action did not help and all Kaspersky's efforts were in vain.

The big story for this year's summit — a sophisticated supply chain attack which used the live update utility that comes on hardware made by ASUS — was leaked to a freelancer, Kim Zetter, last month. But the gloss was taken off what was claimed as a scoop, when Kaspersky Lab published a blog post about the attack just hours after the so-called exclusive was put online.

More details about this attack have been promised at the summit, but the main course has already been sampled.

Given all the pain it has been subjected to since the Shadow Brokers' leaks, it is unlikely that Kaspersky Lab will ever go down the path of releasing anything that remotely looks like an American APT – though its customers who pay for security news may well be told of such malware, though not of its origins.

Read 3455 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here


The past year has seen a meteoric rise in ransomware incidents worldwide.

Over the past 12 months, SonicWall Capture Labs threat researchers have diligently tracked the meteoric rise in cyberattacks, as well as trends and activity across all threat vectors, including:

Encrypted threats
IoT malware
Zero-day attacks and more

These exclusive findings are now available via the 2022 SonicWall Cyber Threat Report, which ensures SMBs, government agencies, enterprises and other organizations have the actionable threat intelligence needed to combat the rising tide of cybercrime.

Click the button below to get the report.



It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site and prominent Newsletter promotion and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.


Sam Varghese

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News