The executive acknowledges that some governments (he hasn’t said which) have pressured Kaspersky Lab to go to the “dark side” and launch cyberattacks, and that some staffers are former Russian intelligence officers. However, he insists that his company has never caved to those demands, and that the hires are “most probably” sales staff meant to court government deals. He adds that the company network is too segmented for any one employee to abuse it.
Whether or not the American government is receptive is another story. Some in Congress (most notably Senator Jeanne Shaheen, who tweaked a bill to ban Kaspersky Lab from Department of Defense contracts) are convinced that the outfit is connected to the Russian government. Also, there’s the question of whether or not source code would even be effective in changing minds. The worry isn’t so much what Kaspersky Lab is doing right now as what it might do in the future. What if Russia orders the company to introduce backdoor exploits, or slips a mole into a key position? Even if it’s fiercely independent, it could be an involuntary agent.
There’s no evidence at this point to suggest that Kaspersky Lab is misbehaving. One of its employees was even arrested by Russia over treason allegations relating to actions taken before he joined the Kaspersky team. Even so, American politicians may have a hard time believing the company regardless of the evidence it provides. Just the potential for digital espionage is setting them on edge, and neither code nor testimony is guaranteed to change that mindset.