Kaspersky: Google hack takes spotlight from Russia
- 05 February, 2010 12:06
Kaspersky Lab may not be a household name in the United States, but in some parts of the world, it's the most popular consumer antivirus software. In China the company boasts 100 million users, and the software is also popular in Germany, and, of course, Russia, where Kaspersky got its start in 1997.
A graduate of Russia's Institute of Cryptography, Telecommunications and Computer Science, company co-founder and CEO Eugene Kaspersky got his start licensing antivirus engines to other companies instead of selling directly to consumers, and that licensing income remains a large part of Kaspersky Lab's business. The company counts Juniper, BlueCoat and CheckPoint among its partners. During the Russian economic crash of 1998, U.S. dollars from these foreign contracts kept the company afloat, and today IDC ranks it the number-four antivirus company worldwide.
It's not easy to build a technology company in Russia, but Kaspersky has pulled it off. Operating from a converted radio component factory on the outskirts of Moscow, Kaspersky now employs 1,800 and calls itself Russia's largest software company. In a country notorious for cybercrime, Kaspersky gives students with security skills a positive outlet for their talents. "Kaspersky really plays a big role at the national and international security market," said Elena Minaeva, a cryptography professor with Moscow's National Research Nuclear University. "Our best students [end up] working here," she said.
Though he now spends as much time on the road as at home in Russia, Kaspersky was in Moscow last week for a press event, where he was interviewed by IDG News. Following is an edited transcript of the interview.
IDGNS: How is Kaspersky's business looking for 2010?
Eugene Kaspersky: The last year was a year of financial crises. There was an impact, of course, on our business. Consumers -- especially in eastern European and Asian countries -- they started to use less legal software, but more pirated. Businesses started to count every license. So there was a negative impact, but at the same time we kept growing, so we managed to build the international partner network, we have good products. There was a negative vector and positive. Positive is more strong.
What was revenue like in 2009?
We're going to announce all of those figures at the end of February. The revenue for 2008 was $329 million. Last year we were still growing, and we were growing at a double-digit number. I can report that.
You're the biggest Russian software company. What are some of the challenges to building a software company in Russia - especially a security company?
There's a positive and negative to being a company based in Russia. In the beginning... [we had] no experience in how to build an international product. If you talk about technologies, there were generations of development in the education system in Russia. There were generations of technical education, but during the Soviet time there was, of course, no business education. So we had no experience and we had to [acquire] this knowledge by our own mistakes. When we started there were almost no education centers in Russia to study business issues.
The benefit is that Russia has a perfect technical education system, so it's much easier to find talented engineers here.
If you are a student about to graduate with good technical capabilities in Russia, what do you want to do? Work for a startup?
Usually people, they go to offshore companies, developing software by request, or they work as IT people in banks or other industries. Software companies, there are about 10 or 20 names, not thousands like in Silicon Valley.
Does that give you a hiring advantage, if there are not a lot of software companies and there are a lot of people getting a good education?
Kaspersky: There are not so many companies but [students] have enough job offers. It's competitive. In the past, software engineers in Russia, they were cheap. Now, if you [don't count] taxation, they make almost the same as in Silicon Valley. It's not cheap anymore.
There's this perception in the U.S. that Russia is the source of all sorts of cybercrime...
Now this perception has been changed. Now American media is starting to say 'Chinese hackers.' It was only 'Russian hackers,' now it's Chinese. It's a perception. It's the same in Germany about Americans. I read an article in CeBIT News that was about spam. And they didn't say just spammers, they said 'American spammers.' So in Germany there's a perception that all spam is coming from the United States. It's wrong.
Why is there this perception? I don't know. Is it the truth or not? Partly it's the truth. I think that Russian-speaking hackers and cybercriminals, they're number three in the ranking of cybercrime. Number one is China. It's quite a big distance to the second one. Second is Latin America -- well, Spanish- and Portuguese-speaking malware -- I think mostly from Brazil, but also from other countries as well. Russia, it's not just Russia, but they're from the Ukraine, from Kazakhstan, Baltic countries, or Israel, New York, Seattle, we don't know. The malware doesn't have a passport, and when the attacks are coming from some territory, we are not sure because it could be a proxy server. So it looks a bit stupid when they say, 'Oh this attack was run from China?' Why? 'Because their IP addresses, they are Chinese.' Come on. It's a proxy server in China that's it.
Have you paid attention to the Aurora attacks on Google and other companies?
We still don't have enough data about that, but there was too much noise, I think. These attacks are happening every day on some companies. They simply don't disclose the information. Why did they decide to start their PR? I don't know. It could be some part of the game.
To pressure China, you mean?
Yes, I think, but not on the government level. I think Google has its own strategy for the Chinese market and that it could be part of the strategy. So they took this incident as good news and disclosed it just to take more attention to the problems they have in China. And it's not just about human rights or freedom of information. It's also the fact that they have a major competitor in China: Baidu. The Chinese market is very difficult.
How is your business in China?
We have more than 100 million users in China. I didn't say customers.
How many paying users do you have?
Are you concerned at all about IP theft and espionage, getting back to Aurora?
This type of targeted attacks is not news, but still the security industry doesn't have the right answer for these issues. Still we are looking for the right ways to protect, and there's no magic bullet against that, because there are so many different attacks.