Is Kaspersky Lab Under FSB Control?

A new leak has revealed that Russian cybersecurity company Kaspersky Lab has a deeper relationship with Russia’s Federal Security Service (FSB) than previously thought.

The relationship between founder Eugene Kaspersky’s company and the Russian government has been the subject of debate for more than a year.

Andrei Soldatov, editor of Agentura.ru – a website dedicated to the monitoring of Russian and Western security and intelligence agencies -  told Hromadske that the anti-virus provider has maintained they only provide the FSB with expertise.

But documents that recently emerged on the Facebook account of a suspected Russian cyber criminal, currently awaiting trial in jail, show that the cyber security firm is providing more than just expertise. Washington Post earlier this month reported that one of the documents, dating back to April 2015, revealed that a Kaspersky lab employee helped an FSB agent retrieve files from a suspected cyber criminal’s computer.

The leak follows numerous warnings from UK authorities against using Kaspersky software and a recent US government decision to ban the use of their technology within federal agencies.

Kaspersky on Monday retaliated against the US government decision, launching a lawsuit against the Department of Homeland Security to reverse the ban.

The anti-virus software company has a further 400 million users around the world. Hromadske spoke with Soldatov about how safe it is for the masses to continue using Kaspersky software.

Soldatov, who is also the co-author of Red Web – a book that explores Russia’s endeavours to control the internet, also discussed the relationship between the Kremlin and social media networks.

What should people know about the cooperation of Kaspersky Lab with the Russian Security Service? Maybe people don’t even understand that they have Kaspersky Lab software on their computers. How significant is the whole issue?

Well it’s a very important issue and it’s a very interesting development we got very recently thanks to the Washington Post story. Why it’s important because we’ve been in this kind of discussion about the real nature of the cooperation between the Kaspersky Lab and the FSB for more than a year. This debate started right after the election in the United States. There is no doubt that there is cooperation between the FSB and the Kaspersky Lab. Actually, Eugene Kaspersky never denied this cooperation and his people never denied this fact.

The problem was in nature. So the line of the company is to say they are cooperating with the Russian Security Services because they help them to catch several criminals—a completely legitimate task. But these new documents shed some light on the real nature of this cooperation and they basically explain us that in this case, Kaspersky cooperation — it doesn’t look like an expertise as they insisted. But actually the real help in carrying out an operation conducted by the Security Services. In this case we are talking about an operation against a very powerful criminal cyber gang called Lurk. And this group consisted of 60 people last year and most of them were sent to jail. So now we have the ringleader of this group, his name is Konstantin Kozlovsky. And he’s in jail in Moscow.

Photo credit: Andrei Soldatov, screenshot  

And some of his relatives in France, some months ago, launched a page on Facebook and started posting some documents—some documents which have something to do with his criminal case. In one of these documents you can find some interesting stuff but one of them is the most interesting one to me. This is a court warrant and kind of decision of the Russian FSB to conduct a special operation from the premises of the Kaspersky Lab. The idea of this operation is actually to penetrate the private network maintained by this criminal group Lurk and to get access to some documents. The interesting thing is that, in this case, the operation was conducted not from the premises of the FSB but from the offices of the Kaspersky Lab. And also the interesting thing is that an employee of Kaspersky Lab actually conducted the operation in the presence of FSB people. So in this case, we have kind of a joint operation conducted by the Kaspersky Lab and the FSB. The problem here is not whether it’s lawful or unlawful. It’s absolutely lawful because it’s a court decision of the Moscow court to conduct this operation. The problem is the ethical standards held by Kaspersky Lab. They have insisted for months and actually for years, the only thing they do for the FSB is helping with some expertise.  Now we understand it’s not only about expertise, it’s about actual involvement in conducting special operation.

Of course there is international attention to anything connected to cybercrime and the FSB because of the alleged Russian interference in the US elections. But in the end, we have up to 400 million users who are the clients of Kaspersky Lab globally. How safe is it for the user to cooperate, to have the Kaspersky software knowing that they have these close connections to the Security Services, and how common is that for IT companies to work that way?

The big problem here is that many cyber security companies they have some sort of cooperation with law enforcement agencies. And it’s a known fact for American companies, for British companies, for Israeli companies and as well for Russian companies.  But the problem here is that for many years, Kaspersky Lab have pretended that actually the FSB is a law enforcement agency and nothing more. But we all know that the FSB is not only a law enforcement agency tasked to fight criminals but it’s also an intelligence agency and a very active intelligence agency. And we know from actually from the United States because of the sanctions and some US Intelligence reports published after the US election that the FSB was actually accused of being involved in an operation against DNC— Democratic National Committee back in 2016. That’s why everybody now started asking questions about the real nature of this cooperation. And it’s not very helpful that Kaspersky is not very transparent because his company’s cooperation with the FSB, which is quite understandable, but if, say, it will be just a Russian company. But it’s an international brand and the problem it that antivirus software is by definition a very intrusive software. If you install this kind of software on your computer, it means that the company that provides your antivirus software has access to almost everything on your laptop, on your computer. So you should be extremely cautious with this company. You should be absolutely sure that you can trust this company. And that’s the biggest problem with Kaspersky. It started losing trust and that’s, of course, I think that’s one of the biggest problems for the company right now.

Photo credit: EPA/SERGEI ILNITSKY

You are the author of the Red Web, the book that explains the struggle of Russia’s digital dictatorship and the new revolutionaries. But you also write a lot about how the Kremlin tries to not just interfere but sometimes control and have more impact on IT companies. Generally, how would you describe currently the state of cooperation between the Kremlin and (companies like VKontakte and Yandex), bearing in mind how big those companies have become? How influential are they for sharing the news, for public discourse in a lot of countries, also outside of Russia?

I would say it started five years ago right after the Moscow protests hit the streets in our capital. Putin personally became very scared by the protests and by the fact that the protests in Moscow were organized mainly on Facebook and VKontake—social media, social networks. And he started with an offensive in 2012, and in 2014 it became really visible. Why? Because Vladimir Putin personally sent a very strong message to IT business. He had a meeting in June in Moscow with the biggest IT entrepreneurs in the country and basically his message was very clear. He said, ‘you cannot hide from us.’ And that was a very strong message because as the methods they use to control the internet. Sometimes there are some technologies they try to use the internet filtering, they have a very extensive system of online surveillance but they basically rely on intimidation and in this case, it’s better to talk not to millions and millions of users but to try to put the companies under control. To put the companies under control which are in charge of social media. And that’s actually what happened. And the most interesting example is what happened with VKontakte. The founder of this network was expelled and he was replaced by the son of the chief of the Russian-state television and radio empire. So you have a father to control television and a son to control the biggest Russian social media. But then something strange happened. We finally understood that the Kremlin didn’t actually understand the nature of the internet. They started treating the internet in the way they treat traditional media. If you control the company which runs the media you can control the content because the content is generated by employees, by journalists. But it’s not the case in social media. In social media, the content is generated by users, not by employees of say Facebook or VKontakte. So VKontakte, as a company, is under control of the Kremlin for sure. But social media VKontakte is not under control. Not because it’s so free or they love freedom but just because that’s the nature of social media. So when we got some crisis, for example, the crisis in Ukraine, and when the Kremlin tried to deny the military presence in Ukraine, well actually the users of VKontakte they exposed the truth. They started posting some photographs and the geolocation with some information about the units and that presented the truth. This year, in 2017, when we got the new wave of protests in Moscow and in towns in Russia, once again, users of VKontakte used it to mobilize themselves. The company which runs the social media was absolutely helpless. They didn’t know with the activity of the users because it’s about millions, not about hundreds of people. So we need to have this distinction. Yes the companies are mostly loyal to the Kremlin and they are put in a very difficult situation, they cannot say no in many cases. But the services they run, social media, they are not under control because it’s against the nature of the internet.