Kaspersky's Ties To Russian Intelligence Questioned Once Again

Questions about Kaspersky Lab's relationship to the Russian government have been raised once again, this time because leaked emails show that the antivirus company has secretly helped the FSB intelligence agency respond to distributed-denial of service (DDoS) and other attacks.

Of particular concern is a program that saw Kaspersky Lab employees accompany FSB agents on physical raids. Bloomberg reported that the antivirus company would help the Russian government defend against cyber attacks, gather information about the attackers, and then help with "banging down the doors" when the attackers were found. The first two steps aren't that surprising--security companies often assist government agencies with responding to cyber attacks--but sending employees out alongside government officials and police on physical raids is unusual.

Bloomberg said it received leaked emails from 2009 in which Kaspersky Lab CEO Eugene Kaspersky discussed the program with senior staff. Kaspersky (the man) summarized the project in one of the emails: "The project includes both technology to protect against attacks (filters) as well as interaction with the hosters (‘spreading’ of sacrifice) and active countermeasures (about which, we keep quiet) and so on." Bloomberg said Kaspersky Lab confirmed the emails' legitimacy; the company has disputed that claim and said the emails were never shown to it.

Kaspersky Lab published a response to the report that starts with:

“Regardless of how the facts are misconstrued to fit in with a hypothetical, false theory, Kaspersky Lab, and its executives, do not have inappropriate ties with any government. The company does regularly work with governments and law enforcement agencies around the world with the sole purpose of fighting cybercrime. "In the internal communications referenced within the recent article, the facts are once again either being misinterpreted or manipulated to fit the agenda of certain individuals desperately wanting there to be inappropriate ties between the company, its CEO and the Russian government, but no matter what communication they claim to have, the facts clearly remain there is no evidence because no such inappropriate ties exist.”

Perhaps an even more interesting aspect of Bloomberg's report is the claim that Kaspersky Lab wanted to make these tools available to the private sector. One of the most pressing questions in the cybersecurity space is when it's appropriate to "hack the hackers." Responding to attacks is no easy feat--they're often hard to attribute to any particular group. Many are conducted by nation-state actors, which limits companies' ability to respond, and many companies don't have the skills required to "hack back" when they suffer a cyber attack.

Having a Russian security company with reported connections to the FSB assist with those attacks would only further muddy the waters. Yet it could still appeal to businesses that want to be more proactive in their cybersecurity. (The best defense is a good offense, etc.) Right now it can be hard to punish cyber attackers, which makes conducting hacks a relatively low-risk prospect. Questions about the morality and legality of hacking the hackers aside, responding with attacks of their own could deter other efforts, and that could be good for companies' bottom lines.

Kaspersky Lab also addressed those claims in its statement:

Hacking back is illegal, and Kaspersky Lab has never been involved in such activities; and instead we are actively participating in joint shut-down of botnets led by law enforcements of several countries where the company provides technical knowledge (for example: https://www.interpol.int/News-and-media/News/2015/N2015-038).

This isn't the first time Kaspersky Lab's ties to the Russian government have been questioned, and it almost certainly won't be the last. The Associated Press reported in May that the FBI is currently investigating the company's relationship with the FSB and other intelligence agencies. (Kaspersky Lab denied the allegations and said that it will assist with the investigations.) Other reports have claimed that the antivirus company regularly hires people from the Russian government, which could indicate a close relationship with its staffers' former employers.

Nathaniel Mott
Freelance News & Features Writer

Nathaniel Mott is a freelance news and features writer for Tom's Hardware US, covering breaking news, security, and the silliest aspects of the tech industry.

  • beayn
    Its only bad when companies cooperate with the Russian government because of all this crazy Russian hysteria. Let's ignore companies cooperating with every Western government in the world including AV companies, Microsoft, Google etc. Sending employees on raids might be rare in the West, but this is Russia. They do shit differently.
    Reply
  • wenty
    more fake news.
    Reply
  • DasRite
    Do companies that help american millitairy harware suffering DDoS or other attacks somehow publish that openly?

    Do you think any millitairy is open with who how and what defenses it uses for it's IT infrastructure?

    This is stupid.
    Reply
  • MasterHiFi
    "Its only bad when companies cooperate with the Russian government because of all this crazy Russian hysteria. Let's ignore companies cooperating with every Western government in the world including AV companies, Microsoft, Google etc. Sending employees on raids might be rare in the West, but this is Russia. They do shit differently."

    First of all, ethical companies, at least in a free state, like America, think long and hard before cooperating - even with their OWN government. Like, for example, when Apple refused to assist the FBI hack the encryption on one of their phones, even though it was used by a TERRORIST. Bad as that sounds to some people, who care nothing about civil liberties/their own personal liberties, Apple did not want to set a precedent by which they, or any other company that provides encryption, would be expected to do the bidding of a government. <- You see there how the civil liberty (the liberty of the citizens) being greater than the power of the "state" ensures that the government doesn't become too powerful and slide into a dictatorship?

    And yes, Russia does shit differently. That's why they're living under a dictator. You, the civilian, have no power. Your house can be entered day or night without cause, you can be detained or arrested and held indefinitely without charges, without counsel, without bail, nothing. And you can sit there and rot, you can be beaten, tortured and murdered, and you or your family have no recourse. Guess how much fun it is to be tortured by Russian police? The murdered part becomes appealing really fast. So yeah, Russia does shit differently. They do it like shit. Because their government is shit. And they have a dictator, who is shit. So being in Russia is shit. Well put.

    We're here in American, where we still value freedom, and civilians rights still mean something, and all who play with Russians at their game, and all who cozy up to Putin to do his bidding or be his patsy, maybe because he has the dirt on them, they'll all end up in jail, where they belong. Any Russian sympathizers will be prosecuted like the traitors they are.

    MasterHiFi

    PS - Why would anyone put Kasperski on their computer, when at Putin's command they could download spyware, a bot, or a rootkit on every computer they're on, and do whatever they want? Probably how they hacked the DNC and state voter registration systems.

    @WENTY - Don't you get tired of disappointing your parents?
    Reply
  • therealduckofdeath
    "Your companies are companies, therefore it's okay for our Russian companies to break every law in the world".
    I see Kellyanne Conway got herself a couple of new accounts at Toms Hardware... :D
    Reply
  • Brian_227
    Here comes the Tolerant Liberal Astroturf brigade to demonize Russia and call everyone else names while demanding tolerance. The act really gets old after a while. Apparently doing undercover deals with Russia is only bad when Republicans do it, Hillary is free to sell off nuclear material to them in exchange to some big donations to her slush fund.
    Reply
  • therealduckofdeath
    Stop acting like one, and we'll stop calling you one, Brian. Don't expect us to drop to your level.
    Reply
  • turkey3_scratch
    19938075 said:
    Here comes the Tolerant Liberal Astroturf brigade to demonize Russia and call everyone else names while demanding tolerance. The act really gets old after a while. Apparently doing undercover deals with Russia is only bad when Republicans do it, Hillary is free to sell off nuclear material to them in exchange to some big donations to her slush fund.

    None of this has anything to do with the article which is about Kaspersky's ties to the Russian government being questioned. Hillary, liberals, and undercover deals has nothing to do with the content of the article. I don't care whether you're a liberal or conservative or a Russian. All I'd like to see is conversation more shifted toward the article's content itself, the manner in which philosophers would discuss matters, with logic and leaving emotions and personal grudges against other political affiliations behind.
    Reply
  • MasterHiFi
    TURKEY3 is on point. I think the takeaway is that it might be advisable to delete your Kaspersky and go with anti-virus with no conflict of interest or a potential hidden agenda... Just common sense, and for any company's "Best Practices", moving away from Kaspersky won't get you fired, while keeping it may at some point in the future.
    Reply