Kaspersky Lab has published reports on alleged electronic espionage by the U.S., Israel, and the U.K.—but it’s yet to look at Russia
Kaspersky Lab sells security software, including antivirus programs recommended by big-box stores and other U.S. PC retailers. The Moscow-based company ranks sixth in revenue among security-software makers, taking in $667 million in 2013, and is a favorite among Best Buy’s Geek Squad technicians and reviewers on Amazon.com. Founder and Chief Executive Officer Eugene Kaspersky used to work for the KGB, and in 2007, one of the company’s Japanese ad campaigns used the slogan “A Specialist in Cryptography from KGB.” The sales tactic, a local partner’s idea, was “quickly removed by headquarters,” according to Kaspersky Lab, as the company recruited senior managers in the U.S. and Europe to expand its business and readied an initial public offering with a U.S. investment firm.
In 2012, however, Kaspersky Lab abruptly changed course. Since then, high-level managers have left or been fired, their jobs often filled by people with closer ties to Russia’s military or intelligence services. Some of these people actively aid criminal investigations by the FSB, the KGB’s successor, using data from some of the 400 million customers who rely on Kaspersky Lab’s software, say six current and former employees who declined to discuss the matter publicly because they feared reprisals. This closeness starts at the top: Unless Kaspersky is traveling, he rarely misses a weekly banya (sauna) night with a group of about 5 to 10 that usually includes Russian intelligence officials. Kaspersky says in an interview that the group saunas are purely social: “When I go to banya, they’re friends.”
Kaspersky says government officials can’t associate his company’s data with individual customers and that he hasn’t had to worry about increased pressure to demonstrate loyalty to Vladimir Putin. “I’m not the right person to talk about Russian realities, because I live in cyberspace,” he says.
Nonetheless, while Kaspersky Lab has published a series of reports that examined alleged electronic espionage by the U.S., Israel, and the U.K., the company hasn’t pursued alleged Russian operations with the same vigor. In February, Kaspersky Lab researchers released a remarkably detailed report about the tactics of a hacker collective known as the Equation Group, which has targeted Russia, Iran, and Pakistan, and which cybersecurity analysts believe to be a cover for the U.S. National Security Agency. Kaspersky Lab hasn’t issued a similar report about Russia’s links to sophisticated spyware known as Sofacy, which has attacked NATO and foreign ministries in Eastern Europe. Sofacy was reported on last fall by U.S. cybersecurity company FireEye.
While Kaspersky Lab is the most prominent cybersecurity business with close ties to the Russian government, that affinity with the country’s spooks reflects a yearslong shift by security companies toward choosing sides. Most major security-software makers work with the U.S. in some capacity. Any government relationships can make a company’s products harder to sell in a paranoid global marketplace, says Rick Holland, principal analyst of security and risk management for Forrester Research. “It’s a challenge for any security company out there,” Holland says. “What are your ties to government?”
Kaspersky Lab’s ties dramatically increased after two waves of executive departures, say four of the former insiders. The first came in 2012, after Kaspersky scotched an IPO partnership with Greenwich (Conn.) investment firm General Atlantic. Afterward, Chief Business Officer Garry Kondakov circulated an internal e-mail saying that from then on, the company’s highest positions would be held only by Russians, say two people who saw the e-mail. Board meetings, once conducted in English, were now in Russian. The company denies that the e-mail was ever sent.
In 2014 after a handful of senior managers, including Chief Technology Officer Nikolay Grebennikov and North American President Steve Orenberg, asked Kaspersky to consider appointing a new CEO and retaining only the chairmanship of the company, he fired them.
Chief Legal Officer Igor Chekunov, who regularly joins Kaspersky’s banya nights, is the point man for the company’s work with the Russian government, three of the insiders say. Since 2013 he has managed a team of 10 specialists who study data from customers who have been hacked and provide technical support to the FSB and other Russian agencies. The team can access data directly from any of the company’s systems. While Kaspersky Lab’s managing director for North America, Christopher Doggett, says its data are anonymous, two people familiar with the technology say it can be altered to gather identifying information from individual computers and has been used to aid the FSB in investigations. Chekunov had no biography on the company website prior to a query from Bloomberg Businessweek. Spokeswoman Sarah Kitsos says he served as a policeman after working in the KGB’s border patrol.
FireEye shows how these relationships work in the U.S. The company was guided early on by the CIA, which uses its technology and for years maintained a stake in the company through the agency’s investment arm, In-Q-Tel. FireEye has revealed Chinese and Russian hacking but has yet to do a major report calling out spying by the U.S. Although FireEye CEO David DeWalt praised Kaspersky Lab’s Equation Group report, he wouldn’t say whether his company is researching the group. “Is it any mystery what origins they have and who probably fed them these information sources?” he says. “You look at all of that, and you just go, ‘Hey, this is the reality we’re in now.’ ”
In head-to-head tests, Kaspersky Lab’s software still performs well against competitors. “The techies love us,” Doggett says. But the ruble’s slide will likely dent the company’s 2014 earnings, which it posts in dollars online. More important, Kaspersky has struggled to win federal U.S. contracts. “There’s a cyber isolationism that’s definitely emerging,” says Holland, the Forrester analyst. “They have to overcome any perceived or actual alliances.”
The bottom line: Popular security-software maker Kaspersky Lab has close ties to Russian military and intelligence officials.