How ESET handles state-sponsored malware
Not so long ago, a letter appeared in open access, which some well-known members of the AV / Security community sent to various antivirus companies in order to clarify their position on detecting state-sponsored / government malware (also known as cyber weapons), as well as clarify rumors regarding possible collaboration of such companies with special services of different countries to create a temporary corridor to delay the detection of relevant malicious objects.
The letter itself is presented here and asks for clarification from the companies on the following issues.
')
ESET Top Management Answer:
Richard Marko, CEO, ESET
Palo Luka, CTO, ESET
Juraj Malcho, Chief Research Officer, ESET
Ignacio Sbampato, Chief Sales & Marketing Officer, ESET
Andrew Lee, CEO, ESET North America
The letter itself is presented here and asks for clarification from the companies on the following issues.
- Have you observed the activity of malware, which clearly has a state-sponsored origin without its actual detection, i.e. adding to the database?
- Have the government structures asked you to postpone (remove) the detection of this or that malicious object? If so, could you provide information on such authorized software and for how long was the detection delayed?
- How would you respond to a similar request from the government in the future?
')
ESET Top Management Answer:
We had cases of detection of the so-called state-sponsored malware, for example, Win32 / R2D2.A, while we knew in advance about its origin, even before being added to the database, since this information was already publicly available. However, in most cases we do not have information about the origin of the malicious code and who was involved in its installation. That is, we can not know in advance whether the relationship of state. organs to develop it or not. From our point of view, the malware is malicious, regardless of who created it and we will make every effort of the virus lab to add it to protect our customers.
No government organization asked us to postpone the addition of this or that malware to the databases, or not to notify users about it.
If such a request appears in the future, we see no reason for its compliance. The mission of our company is to protect users from all malware and any malware. This is our job and our customers expect the appropriate level of security technology.
Richard Marko, CEO, ESET
Palo Luka, CTO, ESET
Juraj Malcho, Chief Research Officer, ESET
Ignacio Sbampato, Chief Sales & Marketing Officer, ESET
Andrew Lee, CEO, ESET North America
Source: https://habr.com/ru/post/204636/
All Articles