Don’t people get tired of creating computer viruses, worms, Trojans and malware when there are so many other productive things to do with their time? Why are there so many? They just keep coming so Anti-virus makers continue to make a killing by seeking out and collecting malicious code and selling software that kills these codes. I’ve been told more than once that maybe, these same companies are responsible for some of these viruses in the first place in order to get ahead or stay in the game. Seems possible since you can’t fight a war without making enemies. Now one of these companies, Kaspersky Labs, maker of the award-winning Kaspersky Internet Security no less, is being accused of spreading malware that fools the competition into identifying important system files as malicious.
Kaspersky is being accused by two former employees as being responsible for crippling the computers of people that use non-Kaspersky security software. Considering the source, this could either be dismissed as a simple case of disgruntlement or the real possibility of the horrible practice previously mentioned done by the security industry. It’s a horror story involving some disgruntled hospital nurse or psychotic physician injecting substances into unsuspecting patients causing anaphylactic shock or a cytokine storm.
The alleged Kaspersky malware works in a way that it inserts bad code into ordinary files used by the system. If a user has this malware and uses an anti-virus other than Kaspersky, their anti-virus detects the files as malicious and could either delete the files or send them to quarantine where by the time it will be used by the system, that system can’t find them and won’t be able to print, connect to the network or the system could simply crash.
Kaspersky Labs, one of the world’s biggest security companies of course strongly denies such a practice as would any reputable security company like Symantec, Trend Micro or McAfee. Kaspersky did admit that in 2010, they intentionally spread ‘bad rumors’ about ten harmless files they created themselves created to see if it would slide down the grapevine without anyone checking. Like any other hot scandal, the ten ‘malicious’ files found their way into the lists of other products of Kaspersky’s competitors. Kaspersky did the stunt to prove a point that the competition wasn’t doing any genuine effort in detecting bad code but just following the lead of others which is embodied in the famous Jurassic Park quote by Dr. Ian Malcolm:
“…I’ll tell you the problem with the scientific power that you’re using here, it didn’t require any discipline to attain it. You read what others had done and you took the next step. You didn’t earn the knowledge for yourselves, so you don’t take any responsibility for it. You stood on the shoulders of geniuses to accomplish something as fast as you could, and before you even knew what you had, you patented it, and packaged it, and slapped it on a plastic lunchbox…”
The former employees did say that co-founder Eugene Kaspersky was ‘pissed’ that the competition was just copying the company’s efforts instead of developing their own technology. This ten-file misleading by Kaspersky is clearly justifiable but the other accusations have a profound impact at how people will look at security companies.
To sabotage or mislead the competition is one thing, but intentionally creating debilitating malware to stay in business is a very serious matter to which Kaspersky Labs is now accused of. According to the former employees, Eugene created a task force to reverse-engineer the code shared by his competitors to find out what makes them tick and use it in order to sabotage them by making them think some important system files are malicious. So basically, Kaspersky made malware. For the longest time many people have wondered about the non-stop onslaught of computer viruses, worms and Trojans, whether or not they came out of some dark basement born out of some obnoxious nerd’s imagination or the anti-virus makers themselves. After Polio gets eliminated, pharmaceuticals need to come up with some new strain to stay in business, right? It’s also strange that an HIV vaccine is just around the corner but we’re still stuck with the common cold.
It’s a possibility that some security companies may be guilty of creating their own monsters to fight, but there are still tons of real threats out there now, and many of them are not borne out of someone’s sick sense of humor or a psychotic can-do attitude. Many viruses, worms, Trojans and other malware are now after the bottom line. They’re after important information like a user’s credit card information or passwords and credentials that lead to thousands of credit card information. There are malicious bits of code waiting to enter one’s PC that enable other people to take control of it or hold it hostage in exchange for money. So there’s still a very real need by the general population for security software. If there’s going to be any malicious code sabotage done by security companies, it would be amongst themselves but woe is the user caught in the crossfire.
As mentioned, despite the conspiracy theory and paranoia, there are real threats out there and there’s no one else to protect our systems but these security companies. If we can’t trust them, there’s no one else.