Eugene Kaspersky, head of Russia-based security software supplier Kaspersky Lab, is fighting allegations that his company has “close ties” to Russian spies.
Last week, Bloomberg Business published an article accusing Kaspersky Lab of excluding Russia from reports examining electronic espionage by the United States, Israel, and the United Kingdom.
Bloomberg traced an alleged change in focus at the anti-virus shop back to 2012, when high-level managers began exiting the company and being replaced by what the news service claimed were “people with closer ties to Russia’s military or intelligence services.”
“Some of these people actively aid criminal investigations by the FSB, the KGB’s successor, using data from some of the 400 million customers who rely on Kaspersky Lab’s software,” Bloomberg said, citing current and former employees who went unnamed in the article.
“This closeness starts at the top,” Bloomberg continued. “Unless [CEO] Kaspersky is traveling, he rarely missed a weekly banya (sauna) night with a group of about five to 10 that usually includes Russian intelligence officials.”
While the chief did not deny the social gatherings, he did assert that they are not conspiratorial, and that the presence of spies was purely coincidental.
Kaspersky (pictured) spoke out late last week, writing in a blog entry that Bloomberg’s piece is nothing more than sensationalism.
“Exploiting paranoia is always a great tool for increasing readership,” he said, adding that, “It’s been a long time since I read an article so inaccurate from the get-go—literally from the title and the article’s subheading.”
As security expert Graham Cluley pointed out, Bloomberg’s story was published just two days after Kaspersky revealed more details about the long-running “Crouching Yeti” attacks, which target a number of countries—but not Russia.
The nation’s absence may seem odd, Cluley said, until you read that, according to Kaspersky, the authors of Crouching Yeti were likely Russian speakers.
“Clearly Bloomberg missed that piece of information,” Cluley said.
Investigating state-sponsored attacks can be awkward for any company: Silicon Valley-based FireEye CEO Dave DeWalt told The Wall Street Journal that he would think twice before publicizing a hacking campaign by government-backed Americans.
Kaspersky has indeed probed attacks attributed to Russian cyber-spies, including Red October, CloudAtlas, CosmicDuke, and Epic Turla.
“I must have said this a million times, but we do not care who’s behind the cyber-campaigns we expose,” Kaspersky wrote in his blog. “There is cyber-evil and we fight it. If a customer comes and shows us a problem we investigate it. And once we take the genie out of the bottle, there’s no way we can put it back.”
He continued to pick apart the Bloomberg article line-by-line, responding to a number of allegations and attempting to set the record straight.
Meanwhile, Kaspersky alluded to dealing with mistrust as a Russian company when he tweeted last week that the company’s next research conference will provide better accommodations.
“It’s very hard for a company with Russian roots to become successful in the U.S., European, and other markets. Nobody trusts us—by default,” Kaspersky said. “Our only strategy is to be 100 percent transparent and honest. It took years to explain who we are. Many people attempted to find ‘dirt’ on us—and failed. Because we’ve nothing to hide.”