The company generally keeps a big story under its hat and releases it at the summit in order to squeeze maximum coverage out of it – all tech conferences are held to have a good time, but publicity is the main game, so this is not unusual.
Last year, Kaspersky Lab released details about Slingshot, malware that infects Windows systems via routers and which it claimed had been used for cyber-espionage from at least 2012 until February 2018.
Hardly a fortnight had gone by after the announcement, when the website CyberScoop, which lives mostly on a dripfeed of leaks from the US intelligence community, claimed that Slingshot was a US military program run by the Joint Special Operations Command, a part of the Special Operations Command. It said Slingshot was used by US military and intelligence personnel to collect information about terrorists.
For its part, Kaspersky Lab denied it had any previous knowledge that Slingshot was a US Government operation.
But now, with the company on a different trajectory and the whole US affair behind it, it is highly unlikely that it will again do what seems to have irritated American intelligence agencies in the first place: reveal APTs which the government has put in place for cyber warfare against other countries.
That the US moves against Kaspersky Lab were dissimilar to its actions against companies like the Chinese telecommunications equipment vendor Huawei is evident from the fact that Washington did not try to get any country it considers an ally to ban the use of Kaspersky products. The ban was only pursued within the US.
Kaspersky Lab researchers are generally accepted to be at the top of the security game and they have revealed a number of nation-sate activities, beginning with the attempted hack in 2014 by the UK's GCHQ of a Belgian telecommunications provider.
In 2015, Kaspersky exposed a group it called the Equation Group, which has been long rumoured to be an internal NSA unit.
The company also detailed how the Stuxnet operation was carried out to cripple Iran's nuclear reactors. Stuxnet was discovered by Sergey Ulasen in 2010; he joined Kaspersky Lab a year later. The virus was infiltrated into Iran's nuclear labs through an USB drive as the lab was not connected to any external network.
Israeli Government hackers breached the Kaspersky network in 2014; after the company found out in 2015, it wrote a long, detailed analysis of the incident.
In 2016, following the election of US President Donald Trump, there was general anti-Russian hysteria in the US. And then came the Shadow Brokers' leaks.
What happened after that is well known. The US Government banned the use of Kaspersky Lab products in the public sector and Kaspersky was gradually forced to close its Washington office. Taking legal action did not help and all Kaspersky's efforts were in vain.
The big story for this year's summit — a sophisticated supply chain attack which used the live update utility that comes on hardware made by ASUS — was leaked to a freelancer, Kim Zetter, last month. But the gloss was taken off what was claimed as a scoop, when Kaspersky Lab published a blog post about the attack just hours after the so-called exclusive was put online.
More details about this attack have been promised at the summit, but the main course has already been sampled.
Given all the pain it has been subjected to since the Shadow Brokers' leaks, it is unlikely that Kaspersky Lab will ever go down the path of releasing anything that remotely looks like an American APT – though its customers who pay for security news may well be told of such malware, though not of its origins.