Kaspersky Lab announced it was temporarily halting its cooperation with Europol following the voting of a controversial motion in the European Parliament today.
The motion was voted today in a plenary session of the European Parliament and received 476 votes in favor, 151 against, while 36 MEPs (Members of the European Parliament) abstained.
Among the motion's clauses is one that calls on EU states to review the software and equipment they use in the IT infrastructure of EU institutions.
The document advises EU states to exclude and ban programs and equipment that have been confirmed as malicious.
The issue that angered Kaspersky Lab officials was that this particular clause specifically mentioned the Russian-based antivirus vendor by name when the motion's authors attempted to give an example of a product "confirmed as malicious."
76. Calls on the EU to perform a comprehensive review of software, IT and communications equipment and infrastructure used in the institutions in order to exclude potentially dangerous programmes and devices, and to ban the ones that have been confirmed as malicious, such as Kaspersky Lab;
Having been called out in an official EU document, albeit one with no legislative power, did not stand well with Kaspersky officials.
The company has been one of the first antivirus companies who signed collaboration agreements with Europol and state-level law enforcement agencies.
In addition, together with Europol, Dutch Police, and McAfee (formerly Intel Security), Kaspersky was one of the founding members of NoMoreRansom, a project that helps ransomware victims by providing free decrypters.
The European Parliament Research Services recognized the NoMoreRansom project as a successful case of public-private cooperation in a recent report.
Ensuing today's vote, Kaspersky Lab formally announced it would temporarily halt its cooperation with Europol officials and work on the NoMoreRansom project.
"We have protected the EU for 20 years working with law enforcement leading to multiple arrests of CYBERCRIMINALS," Kaspersky Lab CEO, Eugene Kaspersky wrote today on Twitter, following the EU Parliament vote.
"Based upon today’s decision from the EU Parliament, we are forced to freeze our cooperation with orgs including Europol & NoMoreRansom," he added. "The way we conducted [this] public-private partnership is unfortunately ceased until the withdraw of the European Parliament decision."
We have protected the EU for 20 years working with law enforcement leading to multiple arrests of CYBERCRIMINALS. Based upon today’s decision from the EU Parliament, we are forced to freeze our cooperation with orgs including @Europol & #NoMoreRansom pic.twitter.com/7dSGn9Bycw— Eugene Kaspersky (@e_kaspersky) June 13, 2018
"Although this report has no legislative power it demonstrates a distinct lack of respect for the company which has been a firm friend of Europe in the fight against cybercrime," a Kaspersky spokesperson added to the CEO's opinion later today.
The entire fault of this debacle strictly falls on the EU Parliament and its Foreign Affairs Commission, which was responsible for wording the report.
The inclusion of Kaspersky's name on the report is mindboggling.
In April this year, before the motion's last wording, an EU representative answered a question about the rumors that Russian intelligence used Kaspersky products to gain access to classified information.
The EU spokesperson, answering on behalf of the Commission, said "the Commission [had] no indication for any danger associated with [the Kaspersky] anti-virus engine."
In spite of this, the company's name was later included as an example of "confirmed as malicious" programs in the motion's final text.
The Russian AV vendor is now in danger that EU states looking into enforcing the joint cyber defense strategy may be taking the report a little bit too literally and may enforce bans without being given any palpable evidence, just by going on its text.
The Russian antivirus vendor has been trying to clear its name for months after its products have been banned on US and Dutch government networks, and the UK has also advised against using the company's software.