What are your principles of fighting cyberthreats?
Cyberthreats have become a global problem which spread far beyond any geographical borders. As an IT security company, Kaspersky Lab is determined to detect and neutralize all forms of malicious programs, regardless of their origin or purpose.
One of Kaspersky Lab’s most important assets in fighting cybercrime is the Global Research & Analysis Team (GReAT), comprising top security researchers from all over the world – Europe, Russia, the Americas, Asia, and the Middle East.
We have a clear policy concerning the detection of malware: we detect and remediate any malware attack. There is no such thing as "right" or "wrong" malware for us. Our research team has been actively involved in the discovery and disclosure of several malware attacks with links to governments and state organizations. Over the past few years we have published in-depth research into Flame, Gauss, The Mask/Careto, Regin, Equation, Duqu 2.0 – some of the biggest state-sponsored mass-surveillance operations known to date. To chronicle the ground-breaking malicious cyber-campaigns that have been investigated by GReAT, Kaspersky Lab has launched a Targeted Cyberattack Logbook.
We report on any kind of threat we discover, and it does not matter which language the threat ‘speaks’ - Russian, Chinese, Spanish, German, or English. The following list of threats, as reported by our GReAT team, shows the different languages used in each case:
Russian language: RedOctober, CloudAtlas, Miniduke, CosmicDuke, Epic Turla, Turla, Black Energy, Agent.BTZ, Teamspy
English language: Regin, Equation, Duqu 2.0
Chinese language: IceFog, SabPub, Nettraveler
Spanish language: Careto/Mask, El Machete
Korean language: Darkhotel, Kimsuky
French language: Animal Farm
Arabic language: Desert Falcons
However, the use of these different languages doesn’t permit attribution to any specific country. Language traces cannot be considered reliable evidence because they can be fabricated and deliberately planted in malware code as red herrings for investigators. For this reason, we don’t attribute threats to individual countries.