Want to see who topped the 2019 Best Software Awards?
G2 Crowd User in Internet

How does Kaspersky work?

over 2 years ago

What are your principles of fighting cyberthreats?

Vendor Responses

Response by Kaspersky

about 2 years ago

Cyberthreats have become a global problem which spread far beyond any geographical borders. As an IT security company, Kaspersky Lab is determined to detect and neutralize all forms of malicious programs, regardless of their origin or purpose.

One of Kaspersky Lab’s most important assets in fighting cybercrime is the Global Research & Analysis Team (GReAT), comprising top security researchers from all over the world – Europe, Russia, the Americas, Asia, and the Middle East.

We have a clear policy concerning the detection of malware: we detect and remediate any malware attack. There is no such thing as "right" or "wrong" malware for us. Our research team has been actively involved in the discovery and disclosure of several malware attacks with links to governments and state organizations. Over the past few years we have published in-depth research into Flame, Gauss, The Mask/Careto, Regin, Equation, Duqu 2.0 – some of the biggest state-sponsored mass-surveillance operations known to date. To chronicle the ground-breaking malicious cyber-campaigns that have been investigated by GReAT, Kaspersky Lab has launched a Targeted Cyberattack Logbook.

We report on any kind of threat we discover, and it does not matter which language the threat ‘speaks’ - Russian, Chinese, Spanish, German, or English. The following list of threats, as reported by our GReAT team, shows the different languages used in each case:

Russian language: RedOctober, CloudAtlas, Miniduke, CosmicDuke, Epic Turla, Turla, Black Energy, Agent.BTZ, Teamspy

English language: Regin, Equation, Duqu 2.0

Chinese language: IceFog, SabPub, Nettraveler

Spanish language: Careto/Mask, El Machete

Korean language: Darkhotel, Kimsuky

French language: Animal Farm

Arabic language: Desert Falcons

However, the use of these different languages doesn’t permit attribution to any specific country. Language traces cannot be considered reliable evidence because they can be fabricated and deliberately planted in malware code as red herrings for investigators. For this reason, we don’t attribute threats to individual countries.