Now the three-year-old developer is setting up shop in the US and preparing to step up its war against viruses.
While alerts from anti-virus vendors, including such major players as Symantec, Network Associates and Computer Associates International, have helped companies in the ongoing battle against virus attacks, some IT managers are concerned about the Chicken Little effect the constant stream of warnings is creating.
"If they're trying to scare me, they're doing a good job," said Randy Berkow, security manager at Amerada Hess. "You get used to their marketing ... being nothing. Then when a real attack hits, [users are] all taken by surprise. I welcome the competition. But I don't welcome the hype they'll bring."
No apologies
What Kaspersky brings is an aggressive and unapologetic attitude in marketing its flagship products. But some observers believe the company goes too far in sensationalising the threats of virus attacks, exploiting an industrywide system of misinformation with warnings of viruses that turn out to be trivial.
Of the last 10 virus warnings Kaspersky has issued, none is on anti-virus company Sophos's list of the 10 most reported viruses. And virus strains don't have to be propagating for Kaspersky to issue a warning -- as long as they have the potential to spread. Its latest warning, for a Windows 2000 threat called W2K.stream, noted, "Kaspersky Lab has not registered any infections resulting from this virus; however, its working capacity and ability for existence 'in-the-wild' are unchallenged."
Kaspersky's strategy: plant a seed of fear early, using its engineers to find flaws, then exploit those fears through ominous warnings to sell updated versions of its anti-virus software.
"We're trying to establish brand as much as possible," said CEO Natalya Kaspersky, explaining that when her engineers find vulnerabilities, they are handed off to the head of corporate PR for publicity. "Maybe it's because we are faster in getting information out than the big companies."
Grumblings in the US
Such tactics don't sit well with the US anti-virus and security community. "The company takes a [public relations] stance over an education stance," Simon Perry, vice president of security solutions at Computer Associates, said in the wake of June's Timofonica mobile phone scare. Kaspersky broke the news on Timofonica, but it turned out to be a nonissue.
Graham Cluley, a spokesman for London-based Sophos, was more blunt.
"Kaspersky has been one of the worst offenders," Cluley said. "It's getting boring because we're spending all our time having to think about new ways to say to users, 'No problem. Don't worry.'"
Sour grapes, countered Kaspersky. As long as such aggressive tactics help her build her company, she has no plans to ease up on the throttle. "I would say in many ways, Network Associates is more aggressive [than us]," she said. "Those companies try to act as if we don't exist. We'll see in five years."
From a business standpoint, it's hard to dispute the company's early success. Since its inception, it has quintupled in size to 100 employees. Revenues are on a 300 percent growth path this year (the privately held developer won't disclose actual revenue figures). The company owns half the Russian anti-virus market and dominates the Eastern European market.
And its growth has US investors inquiring, Kaspersky said. The new offices in California will be used to explore additional product and service opportunities in the United States.
"Give them credit," Cluley said. "They're getting attention. They have a good product; it's a shame they feel they have to do this."
Yelling 'Fire!'
As long as there are no standard metrics for users to consult when virus warnings or attacks do appear, the situation is likely to get worse, since various vendors will characterise the same threat in different ways, depending on what opportunity they hope to exploit. This week, after Kaspersky issued its warning of W2K.stream, Finjan Software followed with an advisory that warned against the possible "AIDS-like" spread of the virus and directed users to Finjan's Web site. Sophos and other vendors followed that by issuing statements downplaying the threat. Most sites now include a section on virus hoaxes, hoping to separate the hype from the real threats.
"These companies are doing the equivalent of yelling 'Fire!' in a crowded theater. It's that bad," said Bruce Shaffer, security manager at Keyport Life Insurance. "I've seen the stampedes they can cause by preying on fear. Maybe it's time we put these companies on the same level as the other con artists online."
Any backlash from competitors or customers has yet to persuade Kaspersky to back off her approach.
"Every company wants to promote itself," the CEO said. "Extensive information is the secret of our aggressiveness. It's more important for us to warn people. It is our responsibility."
