Kaspersky Government developing ‘denied area’ malware database

The company is working on one of the "greatest troves" of cyber threat information from the geographic hotbeds of cyber crime that are off-limits to most agencies.

From the former Soviet Union during the Cold War to nuclear weapons monitoring in places like Iran and North Korea, the U.S. has invested billions in surveillance technologies and human spies to gain insight into the world’s most closed societies. Knowing what is happening in these locations is critical to being prepared for emerging threats.

This year, Kaspersky Government Security Solutions Inc. plans to offer U.S. government agencies and private sector owners of critical infrastructure similar insight in the cyber realm through a “denied area” malware database. The database, which is scheduled to hit the market by the fourth quarter of this year, will include extracted metadata and code samples from emerging malware in Eastern Europe, Russia and Central Asia.

“For the past 60 years, this country has devoted untold amounts of treasure and risked lives and embarrassment to collect denied area intelligence. I am offering, in terms of cyber, one of the greatest troves of that sort of information that they could dream of,” Adam Firestone, president and general manager of KGSS, said in an exclusive interview at FedScoop headquarters in Washington, D.C.

“Where are the hotbeds of malware production in the world? There are a couple, but in particular Eastern Europe, Russia and Central Asia,” Firestone said. “I solve 60 percent of your problem right then and there. We would provide denied area intelligence.”


A screen capture of Kaspersky’s real-time cyber attack map, showing a high volume of activity originating in Eastern Europe and Russia. (Kaspersky Lab).

Analysts and even KGSS executives acknowledge that Kaspersky Lab has had difficulties penetrating the U.S. government security market, stemming from a combination of geopolitical spillover and as-yet-unfounded concerns about supply chain security — basically the provenance of the company’s software at a time when U.S.-Russia relations seem to be in a deep freeze.

The company continues to battle media reports quoting unnamed sources accusing Kaspersky Lab founder, Eugene Kaspersky, of using his company to support Russian intelligence services. But those accusations are not only unfounded, they also have no bearing on KGSS and its employees, Firestone said. Not only is KGSS a separate legal entity based in the U.S., but all of its employees are either eligible for or currently hold a U.S. government-issued security clearance. In addition, there are no non-U.S. citizens on its board of directors, Firestone said.

The company is also banking on a central weakness of the current U.S.-based cyber intelligence market. The security companies that sell large data sets of malware and threat analysis today collect their data from sensors deployed primarily in the U.S. and Western Europe. “The reality is this is data from a very specific geographic region. These companies do not have dominance or anything close to it in those [hotbed] regions,” Firestone said.

Although KGSS is a wholly owned subsidiary of Massachusetts-based Kaspersky Lab Inc., it can use its U.S. parent company’s association with the larger global Kaspersky Lab Ltd. enterprise — registered in the U.K. and headquartered in Moscow — to produce the malware database. Europe and Russia account for 80 percent of Kaspersky Lab’s revenues.

“Because of our affiliation with the greater global Kaspersky family of companies, we have the ability to pull information [from Russia and Eastern Europe], cut it off and transform it into a useful product,” Firestone said. “Cutting it off and transforming is an important part of the process because it allows us to build it as an American product.”


It’s not a silver bullet, Firestone acknowledges. “But it is a way to close the blind spots. In terms of the Kaspersky global organization, the organization has information that is untapped.”

KGSS is offering aggressive deals to those companies that are interested in becoming early adopters in return for helping the company refine the product requirements.
