http://www.wired.com/dangerroom/2012/07/ff_kaspersky/all/
Russia’s Top Cyber Sleuth Foils US Spies, Helps Kremlin Pals
Eugene Kaspersky, Soviet officer turned software tycoon.
Photo: Stephen Voss
It’s early February in Cancun, Mexico. A group of 60
or so financial analysts, reporters, diplomats, and cybersecurity
specialists shake off the previous night’s tequila and file into a
ballroom at the Ritz-Carlton hotel. At the front of the room, a giant
screen shows a globe targeted by crosshairs. Cancun is in the center of
the bull’s-eye.
A ruddy-faced, unshaven man bounds onstage. Wearing a wrinkled white
polo shirt with a pair of red sunglasses perched on his head, he looks
more like a beach bum who’s lost his way than a business executive. In
fact, he’s one of Russia’s richest men—the CEO of what is arguably the
most important Internet security company in the world. His name is
Eugene Kaspersky, and he paid for almost everyone in the audience to
come here. “
Buenos dias,” he says in a throaty Russian accent,
as he apologizes for missing the previous night’s boozy activities. Over
the past 72 hours, Kaspersky explains, he flew from Mexico to Germany
and back to take part in another conference. “Kissinger, McCain,
presidents, government ministers” were all there, he says. “I have
panel. Left of me, minister of defense of Italy. Right of me, former
head of CIA. I’m like, ‘Whoa, colleagues.’”
He’s bragging to be sure, but Kaspersky may be selling himself short.
The Italian defense minister isn’t going to determine whether criminals
or governments get their hands on your data. Kaspersky and his company,
Kaspersky Lab, very well might. Between 2009 and 2010, according to
Forbes,
retail sales of Kaspersky antivirus software increased 177 percent,
reaching almost 4.5 million a year—nearly as much as its rivals Symantec
and McAfee combined. Worldwide, 50 million people are now members of
the Kaspersky Security Network, sending data to the company’s Moscow
headquarters every time they download an application to their desktop.
Microsoft, Cisco, and Juniper Networks all embed Kaspersky code in their
products—effectively giving the company 300 million users. When it
comes to keeping computers free from infection, Kaspersky Lab is on its
way to becoming an industry leader.
But this still doesn’t fully capture Kaspersky’s influence. Back in
2010, a researcher now working for Kaspersky discovered Stuxnet, the
US-Israeli worm that wrecked nearly a thousand Iranian centrifuges and
became the world’s first openly acknowledged cyberweapon. In May of this
year, Kaspersky’s elite antihackers exposed a second weaponized
computer program, which they dubbed Flame. It was subsequently revealed
to be another US-Israeli operation aimed at Iran. In other words,
Kaspersky Lab isn’t just an antivirus company; it’s also a leader in
uncovering cyber-espionage.
Kaspersky has 300 million customers.
His geek squad uncovers US cyberweapons. And he has deep ties to the
KGB’s successors in Moscow.
Serving at the pinnacle of such an organization would be a remarkably
powerful position for any man. But Kaspersky’s rise is particularly
notable—and to some, downright troubling—given his KGB-sponsored
training, his tenure as a Soviet intelligence officer, his alliance with
Vladimir Putin’s regime, and his deep and ongoing relationship with
Russia’s Federal Security Service, or FSB. Of course, none of this
history is ever mentioned in Cancun.
What is mentioned is Kaspersky’s vision for the future of Internet
security—which by Western standards can seem extreme. It includes
requiring strictly monitored digital passports for some online
activities and enabling government regulation of social networks to
thwart protest movements. “It’s too much freedom there,” Kaspersky says,
referring to sites like Facebook. “Freedom is good. But the bad
guys—they can abuse this freedom to manipulate public opinion.”
These are not exactly comforting words from a man who is responsible
for the security of so many of our PCs, tablets, and smartphones. But
that is the paradox of Eugene Kaspersky: a close associate of the
autocratic Putin regime who is charged with safeguarding the data of
millions of Americans; a supposedly-retired intelligence officer who is
busy today revealing the covert activities of other nations; a vital
presence in the open and free Internet who doesn’t want us to be too
free. It’s an enigmatic profile that’s on the rise as Kaspersky’s
influence grows.
Eugene Kaspersky as a young Soviet military cadet.
Photo: courtesy Eugene Kaspersky
Eugene Kaspersky was a bright kid. At 16 he was accepted to a five-year program at the KGB-backed
Institute of Cryptography, Telecommunications, and Computer Science.
After graduating in 1987, he was commissioned as an intelligence
officer in the Soviet army. A quarter century after the fact, he still
won’t disclose what he did in the military or what exactly he studied at
the institute. “That was top-secret, so I don’t remember,” he says.
Kaspersky is more open about the day in October 1989 when a virus
first infected his computer. It was a playful little thing called
Cascade that made the characters on a PC screen tumble to the bottom like
Tetris
blocks. Curious, Kaspersky saved a copy of the virus on a floppy disk
to study how the code worked. A couple of weeks later he encountered a
second virus, and then a third. His interest grew with each discovery.
“For Eugene, it was an addiction,” his friend Alexey De Mont De Rique
says. Each time a new virus appeared, Kaspersky would “sit in front of
the computer for 20 hours straight,” trying to pick it apart, De Mont De
Rique recalls. In the small world of antivirus researchers, the Soviet
officer quickly made a name for himself.
By the early ’90s, Kaspersky wanted out of the army so he could study
viruses full-time. There was one small problem: “It was almost not
possible,” he explains. The only way to get out was to go to jail, get
sick, or prove yourself to be extremely incompetent. Kaspersky’s old
instructor at the Institute of Cryptography had a company that sold
everything from athletic shoes to PCs. Somehow—Kaspersky won’t answer
questions about this either—the former professor was able to get
Kaspersky a discharge and hire him. Kaspersky’s wife, Natalya, and De
Mont De Rique soon joined him at the company.
In 1997 the three of them went into the antivirus business for
themselves. Their software was advanced for the time. They were the
first to allow users of Internet security software to watch malware
operate in an isolated “sandbox,” quarantined from the rest of the
computer; they were among the first to store entire programs in a virus
database. The young company flourished even as Kaspersky’s marriage to
Natalya fizzled. The couple divorced in 1998, but she continued to
handle sales and finance while he worked in the “virus lab,” classifying
new threats himself. “The typical analyst would process maybe 100
pieces of new malware a day,” says Aleks Gostev, one of Kaspersky’s top
researchers. “Eugene would do 300.”
Today Kaspersky Lab employs about 200 virus researchers—some in the
US and China, but the bulk of them in a converted electronics factory 6
miles northwest of the Kremlin. On a sunny April morning when I visit,
the old factory feels more like a grad school, with tattooed
twentysomethings from across the former Soviet Union roaming the curved
halls. The school mascot seems to be Kaspersky himself. Some employees
wear Che Guevara T-shirts—with the boss’s face replacing the
revolutionary’s. On the walls are black-and-white photos of long-serving
employees dressed in war paint and moccasins like Native Americans.
“Eugene the Great Virus Hunter,” reads the caption under the CEO’s
image—in which he’s drawing a bow and arrow. Some 12,543 emails about
suspicious programs came into the company just this morning, bringing
the grand total to nearly 7.8 million.
‘Rule number one of successful companies here is good relations with the secret police.’
The accumulation happens automatically. When a user installs
Kaspersky software, it scans every application, file, and email on the
computer for signs of malicious activity. If it finds a piece of known
malware, it deletes it. If it encounters a suspicious program or a
message it doesn’t recognize—and the user has opted to be part of the
Kaspersky Security Network—it sends an encrypted sample of the virus to
the company’s servers. The cloud-based system automatically checks the
code against a “whitelist” of 300 million software objects it knows to
be trustworthy, as well as a “blacklist” of 94 million known malicious
objects. If the code can’t be found on either of these lists, the system
analyzes the program’s behavior—looking at whether it’s designed to
make unauthorized changes to the computer’s configuration options, for
example, or whether it constantly pings a remote server. Only in the
rare instance that the system is stumped will one of Kaspersky’s
T-shirt-clad virus researchers step in. They’ll characterize the code by
function: password stealer, bogus web page server, downloader of more
malicious programs. Then they’ll suggest a “signature” that can be used
to spot and filter out the malware in the future. In just minutes, a
software update that incorporates these new signatures can be pushed out
to Kaspersky’s tens of millions of users.
This is the core of the $600-million-a-year business that grew out of
Kaspersky’s virus hobby. It’s really not all that different from the
way US security companies like Symantec or McAfee operate globally.
Except for the fact that in Russia, high tech firms like Kaspersky Lab
have to cooperate with the
siloviki, the network of military, security, law enforcement, and KGB veterans at the core of the Putin regime.
The FSB, a successor to the KGB, is now in charge of Russia’s
information security, among many other things. It is the country’s top
fighter of cybercrime and also operates the government’s massive
electronic surveillance network. According to
federal law number 40-FZ
(.pdf), the FSB can not only compel any telecommunications business to
install “extra hardware and software” to assist it in its operations,
the agency can assign its own officers to work at a business. “Rule
number one of successful companies here is good relations with the
siloviki,” says one prominent member of Russia’s technology sector.
Kaspersky says the FSB has never made a request to tamper with his
software, nor has it tried to install its agents in his company. But
that doesn’t mean Kaspersky and the security agency operate at arm’s
length. Quite the opposite: “A substantial part of his company is
intimately involved with the FSB,” the tech insider says. While the
Russian government has used currency restrictions to cripple a firm’s
international business in the past, Kaspersky faces no such
interference. “They give him carte blanche for his overseas operations,
because he’s among the so-called good companies.”
Eugene Kaspersky’s lab isn’t just an antivirus company; it’s also a leader in uncovering cyber-espionage.
Photo: Stephen Voss
Next door to the Moscow virus lab is the home base
for another arm of the operation—a team of elite hackers from around the
world that Kaspersky hand-selected to investigate new or unusual
cybersecurity threats. Kaspersky calls this his Global Research and
Expert Analysis Team—
GREAT,
for short. Two of them are waiting for me in their office. Sergei
Golovanov sports rectangular glasses and a beard out of a ’90s nu-metal
video. Aleks Gostev is skinny as a rope and has dark circles under his
eyes.
With Kaspersky’s encouragement, GREAT has become increasingly active
in helping big companies and law enforcement agencies track down
cybercriminals. Gostev assisted Microsoft in its
takedown of the Kelihos botnet, which churned out 3.8 billion pieces of spam every day at its peak. Golovanov spent months chasing the
Koobface gang, which suckered social media users out of an estimated $7 million.
One of GREAT’s frequent partners in fighting cybercrime, however, is
the FSB. Kaspersky staffers serve as an outsourced, unofficial geek
squad to Russia’s security service. They’ve trained FSB agents in
digital forensic techniques, and they’re sometimes asked to assist on
important cases. That’s what happened in 2007, when agents showed up at
Kaspersky HQ with computers, DVDs, and hard drives they had seized from
suspected crooks. “We had no sleep for a month,” Golovanov says.
Eventually two Russian virus writers were
arrested, and Nikolai Patrushev, then head of the FSB, emailed the team his thanks.
Kaspersky’s public-sector work, however, goes well beyond Russia. In
May, Gostev and Kaspersky were summoned to the Geneva headquarters of
the International Telecommunication Union, the UN body charged with
encouraging development of the Internet. The Russians were ushered into
the office of ITU secretary-general Hamadoun Touré, where the
Soviet-educated satellite engineer told them that a virus was erasing
information on the computers of Iran’s oil and gas ministry. This was
coming just two years after the discovery of the Stuxnet worm, which had
damaged Iran’s centrifuges. Touré asked Kaspersky to look into it.
Back at the lab, analysts from GREAT began combing through archived
reports from customers’ machines. One file name stood out: ~DEB93D.tmp.
The virus was eventually found on 417 customers’ computers—398 of which
were in the Middle East, including 185 in Iran. Some machines had been
infected since 2010, but the file had never been deeply analyzed. The
researchers were able to isolate one piece of the malicious code—and
then another and another.
One module of the software surreptitiously turned on a machine’s
microphone and recorded any audio it captured. A second collected files,
especially design and architectural drawings. A third uploaded captured
data to
anonymous command-and-control servers.
A fourth module, with the file name Flame, infected other computers.
The analysts discovered about 20 modules in all—an entire toolkit for
online espionage. It was one of the biggest, most sophisticated pieces
of spyware ever discovered. In honor of the transmission program,
the researchers called it Flame. On May 28, a Kaspersky analyst announced what the team had found.
Flame was another part of America’s shadow war against Iran — and Kaspersky killed it.
The spyware was too complex for simple crooks or hacktivists, the
researchers said. Flame had been coded by professionals, almost
certainly at a government’s behest. The company called it a cyberweapon
and speculated that it was related to Stuxnet.
On June 1,
The New York Times revealed for the first time that the White House had, in fact,
ordered the deployment of Stuxnet as part of a sophisticated campaign of cyberespionage and sabotage against Tehran. Then, on June 19,
The Washington Post was able to confirm that
Flame was yet another part of this shadow war against Iran. Kaspersky had outed—and in effect killed—it.
For Kaspersky, exposing Flame reflects his company’s broader
ambition: to serve as a global crime-stopper and peacekeeper. Malware
has evolved from a nuisance to a criminal tool to an instrument of the
state, he says, so naturally he and his malware fighters have grown in
stature and influence too. “My goal is not to earn money. Money is like
oxygen: Good idea to have enough, but it’s not the target,” he says.
“The target is to save the world.”
In a locked room down the hall from his office, Kaspersky is working
on a secret project to fulfill that lofty ambition. Not even his
assistant has been allowed inside. But after we’ve spent a day
together—and knocked back a few shots of Chivas 12—he unlocks the door
and offers me a peek. It’s an industrial control system, a computer for
operating heavy machinery, just like the ones that Stuxnet attacked
(and, Kaspersky researchers believe, Flame may also have targeted).
Kaspersky’s team is quietly working on new ways to harden these systems
against cyberattack—to protect the power grids and prisons and sewage
plants that rely on these controllers. The idea is to make future
Stuxnets harder to pull off. The controllers haven’t been engineered
with security in mind, so the project is difficult. But if it succeeds,
Kaspersky’s seemingly outsize vision of his company’s role in the world
might become a little less outlandish.
In the meantime, there’s always politics.
Kaspersky at the 2011 Brazilian Grand Prix, flanked by drivers from the Ferrari F1 team that he sponsors.
Photo: courtesy of Kaspersky Lab
Kaspersky has cultivated the image of a wild man with cash to burn—the flamboyant say-anything, do-anything, drink-anything gazillionaire. In Asia, he’s
clowned around in TV commercials with Jackie Chan.
In Europe, Kaspersky sponsors the Ferrari Formula One team and goes on
Dublin pub crawls with Bono. Back in Russia, he throws New Year’s
parties for 1,500. The most recent one had a rock-and-roll theme;
Kaspersky took the stage in a Harley jacket. Last summer he took some 30
people to Russia’s Kamchatka Peninsula for a volcano-hiking excursion.
Then there are the Kaspersky Lab conferences disguised as boozy getaways
(or perhaps vice versa): the “analysts’ summit” on Spain’s Costa del
Sol, the “VIP executive forum” in Monte Carlo, the “press tour” in
Cyprus, the whatever-it-was thing in Cancun.
All of this might lead some to dismiss Kaspersky as a dilettante
plutocrat who drinks single-malt and gets made up for TV while his
employees do the real technical work. But the critics would be missing
the point: One of the systems Kaspersky is now trying to hack is
politics, and his antics are part of the act. Every trip to Shanghai’s
Formula One race or the London Conference on Cyberspace is another
chance to court diplomats and politicians, another chance to extend his
company’s influence. And one of his goals is to persuade policymakers to
refashion the Internet into something more to his liking—and, as it
happens, something more to the liking of the Putin government as well.
Kaspersky says it’s time to give up privacy online: ‘By protecting our right to freedom we actually sacrifice it!’
In one hotel ballroom after another, Kaspersky insists that malware
like Stuxnet and Flame should be banned by international treaty, like
sarin gas or weaponized anthrax. He argues that the Internet should be
partitioned and certain regions of it made accessible only to users who
present an “Internet passport.” That way, anonymous hackers wouldn’t be
able to get at sensitive sites—like, say, nuclear plants. Sure, it might
seem like we’d be sacrificing some privacy online. But with all the
advertisers, search engines, and governments tracking us today,
Kaspersky argues, we don’t really have any privacy left anyway. “
You can have privacy if you live somewhere in the jungle or the middle of Siberia,” he recently told a confab in the Bahamas.
The Internet grew from a network of researchers to the global nervous
system in large part because practically anyone was able to access any
part of it from anywhere—no ID needed. And the values of openness,
freedom, and anonymity became deeply embedded in net culture and in the
very architecture of the network itself. But to Kaspersky, these notions
no longer work: By “protecting our right to freedom we actually
sacrifice it! We sacrifice the right to safe Internet surfing and to not
get infected by some nasty piece of malware at every step.”
The idea of stripping some amount of privacy from the Internet is
gaining traction in many sectors, thanks at least in small part to
Kaspersky’s lobbying. In Cancun, he was joined onstage by Alexander
Ntoko, a top official at the International Telecommunication Union. “Why
don’t we have digital IDs as a de facto for everybody?” he asks. “When
I’m going to my bank, I’m not going to cover my face.” In other words,
why should things be any different online?
The ITU was once a bureaucratic backwater. In recent years, however, the Russian and Chinese governments have been pushing to
give the agency a central role in governing the Internet.
Instead of the US-dominated nonprofits that currently coordinate domain
names and promote technical standards, they want to turn authority over
to a gathering of national governments represented by the ITU. It’s a
move that one of the Internet’s creators, Vint Cerf, told Congress risks
“
losing the open and free Internet,”
because it would transfer power from geeks to government bureaucrats.
The ITU is set to revisit the 24-year-old treaty governing international
telecommunications in December.
Whether or not it secures this power, the ITU has found a willing
ally in Kaspersky. When he traveled to ITU headquarters in Geneva, a few
months after Cancun, Kaspersky not only agreed to look into the attacks
on the Iranian oil ministry, he also told ITU chief Touré that he would
assign some of his top researchers to be on call to help the
organization with any future investigations. It’s a good deal for both
men. Kaspersky gets to extend his influence—and maybe catch the next big
cyberweapon. Touré and the ITU get a personal cybersecurity team.
But Kaspersky’s closest political ties remain in Russia. As one of
his country’s most successful technology entrepreneurs—and, in many
ways, Russia’s spokesman for all things Internet—Kaspersky has hosted
former president and current prime minister Dmitry Medvedev in his
offices (see video below); Medvedev, in turn, appointed Kaspersky to
serve in Russia’s Public Chamber, which is charged with monitoring the
parliament.
Kaspersky and the Moscow government have espoused strikingly similar
views on cybersecurity. This goes beyond the security industry’s basic
mission of keeping data safe. When Kaspersky or Kremlin officials talk
about responses to online threats, they’re not just talking about
restricting malicious data—they also want to restrict what they consider
malicious
information, including words and ideas that can spur unrest.
Kaspersky can’t stand social networks like Facebook or its Russian
competitor, VK (formerly known as VKontakte). “People can manipulate
others with the fake information,” he says, “and it’s not possible to
find who they are. It’s a place for very dangerous action.” Especially
dangerous, he says, is the role of social networks in fueling protest
movements from Tripoli to Moscow, where blogger
Alexei Navalny has emerged as perhaps the most important dissident leader and sites like VK and LiveJournal have helped bring
tens of thousands of people into the streets.
Kaspersky sees these developments as part of a disinformation campaign
by antigovernment forces to “manipulate crowds and change public
opinion.”
Nikolai Patrushev—the former FSB chief who now serves as Putin’s top
security adviser—makes a nearly identical case. In June he told a
reporter that outside forces on the Internet are constantly creating
tensions within Russian society. “
Foreign sites are spreading political speculation, calls to unauthorized protests,” he says.
Russia’s government and its most famous technology entrepreneur have
long had each other’s backs, cooperating on cybercrime investigations
and supporting each other’s political agendas. But the two became
utterly intertwined at 6:30 in the morning on April 19, 2011, when
Kaspersky’s cell phone rang in his London hotel room. According to the
caller ID, it was Ivan, Kaspersky’s 20-year-old son. But the voice on
the other end was not Ivan. It was an older man who politely told
Kaspersky: “We’ve got your son.”
Eugene Kaspersky now travels in Russia with bodyguards, after the kidnapping of his son.
Photo: Stephen Voss
Outwardly, Kaspersky didn’t react to the news of
Ivan’s kidnapping. He said he was tired and asked the caller to ring him
back later in the morning—which the caller did, from another number.
This time, Kaspersky said he was in an interview and told the guy to
make a third call.
It was a ploy, a stall for time while Kaspersky hurriedly reached out
to his corporate security manager, who reached out to the FSB.
Ordinarily the Russian intelligence service isn’t in the business of
freeing kidnap victims. But Ivan Kaspersky wasn’t your average abductee.
“My first thought was that this is serious. Second, immediately call
the FSB. And third, they are stupid to attack me,” Kaspersky says. “I
was 100 percent sure—well, 99 percent sure—that FSB and police would
find them. We have very good relations with both the FSB cybersecurity
department and the Moscow police department. They know us. They know us
as people who support them when they need it. They started to work like
crazy.”
That night Kaspersky took the red-eye back to Moscow. He plodded his
way through the morning rush hour, his phone ringing every few minutes.
As the kidnappers made their demands—3 million euros in denominations of
500—they tried to cover their tracks, switching cell phones and SIM
cards constantly. But with every call, the kidnappers were giving the
FSB more data to track them down.
According to the caller ID, it was
Kaspersky’s kid. But the voice on the other end was an older man’s,
saying: ‘We’ve got your son.’
Kaspersky arrived at a police station in central Moscow and promptly
passed out from anxiety and exhaustion. He and his ex-wife stayed there
for the next four days, pacing the halls while the FSB pored through
call records and the Moscow cops staked out a suburban cabin where they
believed Ivan was being held. After a few days, the officers lured the
kidnappers out of the house with the promise of a ransom payment. They
were captured without a shot. Ivan was freed, a little grimy—there was
no running water in the cabin—but otherwise fine. “It was probably the
only period in his life when he was reading books,” jokes his mother,
Natalya Kaspersky, who met him at the scene.
At first, Kaspersky publicly blamed himself for not adequately
protecting his family. But later he started blaming something else: VK.
Kaspersky said that the Russian social network had tempted Ivan into
posting his address, phone number, even details of his internship at
InfoWatch, Natalya’s security company. “Social networks shouldn’t
encourage users to post that sort of information.
If a site asks for private information, then criminal charges should be brought against it in the event of a leak,” Kaspersky told Russia’s RT television channel in October. Widely viewed as a
Kremlin propaganda outlet,
RT aired the remarks as part of a documentary on the death of online
privacy and the dangers of social networks, with Ivan’s kidnapping as a
primary example. The program encouraged people to protect themselves by
dropping offline completely. As it happened, the documentary ran just as
online opposition to the ruling party was starting to bubble up. In the
months that followed, top bloggers and activists were detained by the
government, and the FSB tried (unsuccessfully) to force VK to purge the
pages of some groups from its network.
The Kaspersky kidnapping ended up being a tool for the ruling party.
But according to Natalya, the whole kidnapped-because-of-VK story is
nonsense. “They found him on social networks? It’s not true. They
followed him for a month or more. They knew all his ways, where he is
going, whom he contacts,” she says. Yes, Ivan posted an address
online—”a false address from an old house.” There’s no way, she says,
that this helped the kidnappers.
So why did Eugene Kaspersky publicly blame VK? Perhaps Kaspersky
simply let his emotions get the better of him—his son had been
kidnapped, after all. Perhaps he mistook the fake address Ivan posted
for a real one. Whatever the reason, in the end, the son’s kidnapping
became a way to attack the father’s political foes.
Eugene Kaspersky now travels in Moscow with a team
of bodyguards. He moved to a duplex in a gated community bordering a
park—better for keeping his girlfriend and their infant son safe, he
explains. A wraparound balcony overlooks the still-frozen Moskva River
and the site of Kaspersky Lab’s new five-story headquarters. To the left
you can almost see Kaspersky’s childhood home: a one-room shack
originally built for prison laborers in the Stalin era.
It’s an early Sunday afternoon in late April. Kaspersky, smoking a
Chinese cigarette, is wearing the same bargain-rack striped shirt he was
wearing Friday. His mother, who also lives in the complex, heats up
blintzes and opens some canned caviar. Up close it becomes clear that
Kaspersky’s image as a mega-rich, hyperconnected playboy is mostly an
act. In truth, he stays away from Russia’s oligarchs, whom he sees as
little different from the cybercrooks he chases. He views his move into
politics as a necessary evil, an offer he’s in no position to refuse.
Kaspersky doesn’t bother with political rallies or Moscow’s famously
immoderate nightlife; he’d rather be in an airplane seat on his way to
some conference to share ideas with other technophiles. When he goes to
places like Kamchatka, he says, he takes employees or clients. “I don’t
have any friends outside of work.”
Sure, Kaspersky touts a Kremlin-friendly line. In Putin’s Russia, executives who don’t have a habit of disappearing.
While critics assume that Kaspersky’s company is a virtual arm of
Russian intelligence, he and his staff insist, not unconvincingly, that
their work with the FSB has its limits. They argue that using its
software to spy on users would undermine the company’s credibility
worldwide; it would be like the local locksmith moonlighting as a cat
burglar. That credibility is at the heart of Kaspersky Lab’s business.
Without lots of customers, there would be no Kaspersky Security Network,
no database of known threats or tally of infected machines.
Yes, Kaspersky publicly touts a Kremlin-friendly line. But in Putin’s
Russia, executives who neglect to do so have a disturbing habit of
winding up in jail or being forced into exile. Besides, you don’t need
to be a Moscow crony to push against free speech and privacy online.
Plenty of Western officials are doing that too. Until 2011, Italians had
to present their ID cards before using Wi-Fi at an Internet café. The
European Commission is now mulling a continent-wide system of
“electronic authentication.” British prime minister David Cameron
contemplated cracking down on social media after the 2011 London riots.
And retired US vice admiral Mike McConnell wrote in
The Washington Post about the “
need to reengineer the Internet to make attribution … more manageable.” He previously served as US director of national intelligence—America’s top spy.
In many ways, the relationship between the Kremlin and Kaspersky Lab
is the same as the one between Washington and the big US security
companies. Moscow gives millions to Kaspersky to help secure government
networks—much as the Pentagon pours millions into contracts with McAfee
and Symantec. Kaspersky helps the FSB track down cybercrooks; McAfee and
Symantec work with the FBI. Kaspersky employees brief the Duma,
Russia’s parliament; American researchers brief Congress and the White
House. These security firms have all become key players in their home
countries’ network defenses and in cybersecurity investigations
worldwide.
But while the American and Russian companies are similar, there are
important differences. Stuxnet was a highly classified US operation
serving one of the government’s top geopolitical goals. Symantec, a US
company,
went after it anyway. It’s hard to find a similar case of Kaspersky and the Kremlin working at cross-purposes.
In December 2011, Kaspersky came under criticism for appearing to do
the opposite—ignoring an act of online criminality when it was
politically convenient. On the eve of Russia’s parliamentary elections,
massive denial-of-service attacks brought down social networks like
LiveJournal, media outlets like Kommersant.ru, and the independent
election watchdog Golos. It seemed to be a politically motivated hit on
potential opponents and critics of the ruling regime. Yet Kaspersky
Lab—which boasts that its software can spot and fight DDoS
attacks—denied the existence of any such activity. “
We detected none. Very strange,”
Kaspersky tweeted. The next day he wrote on his blog that the attacks
actually had been detected, but he speculated that many of the sites
were victims of technical problems or perhaps their own popularity.
Kaspersky denies that he blew off the DDoS attacks in an attempt to
curry favor with the ruling powers. (Then he claims that pro-Putin sites
got hit by the online strikes as well.) But Andrei Soldatov, a
muckraking investigative journalist whose
Agentura.ru
site was hammered in the attacks, has a very different view: “I cannot
explain Kaspersky’s ignorance by anything but conscious intention to
take the Kremlin’s side, a position very weird for the independent
expert he claims to be.”
Kaspersky’s office has just the trappings you’d
expect for someone who rose from a kid in a shack to become a
continent-hopping mogul: a Ferrari racing jacket, boxes of his software
in Chinese and German, a model of
SpaceShipTwo, the aircraft
that’s going to fly well-heeled tourists to the edge of the atmosphere
(Kaspersky already has a $200,000 ticket). Late one afternoon, he
reaches into a small closet and pulls out a lab coat with his company’s
logo to show me. Behind that is a basketball jersey from the New Jersey
Nets, the NBA team owned by Russian billionaire Mikhail Prokhorov. At
the very back of the closet I glimpse the dark green dress jacket from
Kaspersky’s Soviet Army uniform. The garment is in pristine condition;
it looks like it could still be worn in a military parade.
There are plenty of Russian magnates content to use their Kremlin
connections and corruption-fueled profits to bully and buy their way
into the global arena. Kaspersky has long tried to play a different
game: He’s an international entrepreneur and thinker who is from Putin’s
Russia, but not of it. Kaspersky’s financial success and influence is a
testament to how skillfully he has walked this fine line. Yet the
questions endure: Can a company so valuable to Moscow’s government ever
be truly independent of it? And what else is hidden in the back of the
closet, that the rest of the world can’t see?
I go in for a closer look at the jacket. Kaspersky shuts the door.
“It’s nothing,” he says, walking out of the room. “Let’s find a drink.”
Posts
A weapon against zombies is being sold across the US after a series
of cannibal attacks shocked the country. The largest independent
producer of bullets in the world says their Zombie Max ammunition is a
response to the flesh-eating crimes.
