In the days following the Department of Homeland Security’s ban against using Kaspersky antivirus software, several of that company’s competitors have begun using the controversy for a business advantage.
The ban, issued Wednesday, is the culmination of months of open distrust for the Russian-based company from members of Congress and leaders of the US intelligence community, and reflects a nervousness that information about US government computers is routinely sent to servers in Russia. DHS’s statement echoes the broad distrust that community has had of Russia since that country’s interference in the 2016 US election, saying, “The Department is concerned about the ties between certain Kaspersky officials and Russian intelligence and other government agencies.” A spokesperson for Russian President Vladimir Putin has characterized the ban as an attempt to harm a prominent Russian company in the international market.
The company’s founder and CEO, Eugene Kaspersky, who was trained by Russian intelligence as a young man, has long vocally insisted that he abides by the laws of every country that uses his software and that he has no direct ties to any intelligence agency. He has been invited to testify before the House of Representatives about his company and has applied for an expedited visa to go to Washington.
The DHS itself is unsure of exactly how many federal computers use Kaspersky software, a representative said, which is why the first order of its ban is for a full federal accounting of how many systems have it installed.
Some industry executives have openly pondered whether the Kaspersky ban was more motivated by politics than by an actual problem with its products. David Kennedy, founder of Cleveland-based TrustedSec, previously told BuzzFeed News that “we don’t know if Kaspersky has direct ties” to Russian intelligence.
But other Kaspersky competitors have seized on the controversy. Canadian antivirus software reseller Softchoice emailed potential clients, explicitly encouraging them to drop Kaspersky for another service.
In an email acquired by BuzzFeed News, Softchoice Senior Account Executive Nick Young sent a potential client a link to a New York Times story about the DHS ban, writing “if you are utilizing Kaspersky I thought you might want to take a look at this recent announcement.”
“A recent client of ours was in the middle of a three-year Kaspersky investment and IT is now being directed by the business to pull the investment and move to a new solution following the US Government’s decision to do the same,” Young added.
US-based Symantec tweeted a story by cybersecurity news site CyberScoop about the FBI urging US customers to drop Kaspersky.
Symantec didn't return BuzzFeed News’ request for comment. Joel Hoidas, Softchoice's manager of communications, told BuzzFeed News that “there is no marketing campaign” against Kaspersky, and blamed the email as sent by “an overzealous rep.”
Another company that sent out such emails, US-based Malwarebytes, said it was a mistake. A Malwarebytes marketing email read, in part, “If the US Government's ban of Kaspersky Lab's software has you concerned or you simply want to strengthen your security posture, it might be an opportune time to discuss Malwarebytes antivirus replacement for business.”
“This is not OK,” Malwarebytes CEO and cofounder Marcin Kleczynski told BuzzFeed News. “This was a third party marketing company that helps us get appointments with prospects.”
At least one cybersecurity company, however, said such ads are simply an expression of business competition. Romanian company Bitdefender ran a Facebook ad with a picture of a Trojan horse alongside the text "Bitdefender is helping customers all over the world switch from Kaspersky to a trusted endpoint protection solution."
“That is a tactical competitive marketing displacement campaign, this type of campaign is a fairly common marketing tactic,” said Damase Tricart, the company’s global communications director. The company isn’t unfairly singling out Kaspersky, he explained — it frequently creates marketing campaigns that specifically target competitors. As evidence, he pointed to a current campaign to convert Symantec customers.
Kaspersky himself characterized the ads as ineffective but reflecting badly upon his competitors.
“While we don't see a tangible negative impact from this marketing activity this is very bad for image of the cybersecurity industry,” he told BuzzFeed News.
Kevin Collier is a cybersecurity correspondent for BuzzFeed News and is based in New York.
Contact Kevin Collier at firstname.lastname@example.org.
Got a confidential tip? Submit it here.