Russia’s Top Cyber Sleuth Foils US Spies, Helps Kremlin Pals
It’s early February in Cancun, Mexico. A group of 60 or so
financial analysts, reporters, diplomats, and cybersecurity specialists shake
off the previous night’s tequila and file into a ballroom at the Ritz-Carlton
hotel. At the front of the room, a giant screen shows a globe targeted by
crosshairs. Cancun is in the center of the bull’s-eye.
A ruddy-faced, unshaven man bounds onstage. Wearing a wrinkled white polo
shirt with a pair of red sunglasses perched on his head, he looks more like a
beach bum who’s lost his way than a business executive. In fact, he’s one of Russia’s richest men—the CEO of
what is arguably the most important Internet security company in the world. His
name is Eugene Kaspersky, and he paid for almost everyone in the audience
to come here. “Buenos dias,” he says in a throaty Russian accent, as he
apologizes for missing the previous night’s boozy
activities. Over the past 72 hours, Kaspersky explains, he flew from Mexico to
Germany and back to take part in another conference. “Kissinger, McCain,
presidents, government ministers” were all there, he says. “I have panel. Left
of me, minister of defense of Italy. Right of me, former head of CIA. I’m like,
‘Whoa, colleagues.’”
He’s bragging to be sure, but Kaspersky may be selling himself short. The
Italian defense minister isn’t going to determine whether criminals or
governments get their hands on your data. Kaspersky and his company, Kaspersky
Lab, very well might. Between 2009 and 2010, according to Forbes, retail
sales of Kaspersky antivirus software increased 177 percent, reaching almost 4.5
million a year—nearly as much as its rivals Symantec and McAfee combined.
Worldwide, 50 million people are now members of the Kaspersky Security Network,
sending data to the company’s Moscow headquarters every time they download an
application to their desktop. Microsoft, Cisco, and Juniper Networks all embed
Kaspersky code in their products—effectively giving the company 300 million
users. When it comes to keeping computers free from infection, Kaspersky Lab is
on its way to becoming an industry leader.
But this still doesn’t fully capture Kaspersky’s
influence. Back in 2010, a researcher now
working for Kaspersky discovered Stuxnet, the US-Israeli worm that wrecked
nearly a thousand Iranian centrifuges and became the world’s first openly
acknowledged cyberweapon.
In May of this year, Kaspersky’s elite antihackers exposed a second weaponized computer program, which they dubbed Flame. It was subsequently revealed to be another US-Israeli operation aimed at Iran. In other words, Kaspersky Lab isn’t just an antivirus company; it’s also a leader in uncovering cyber-espionage.
Serving at the pinnacle of
such an organization would be a remarkably powerful position for any man. But
Kaspersky’s rise is particularly notable—and to some,
downright troubling—given his KGB-sponsored training, his tenure as a Soviet
intelligence officer, his alliance with Vladimir Putin’s regime, and his deep
and ongoing relationship with Russia’s Federal Security Service, or FSB. Of
course, none of this history is ever mentioned in
Cancun.
What is mentioned is Kaspersky’s vision for the future of Internet
security—which by Western standards can seem extreme. It includes requiring
strictly monitored digital passports for some online activities and enabling
government regulation of social networks to thwart protest movements. “It’s too
much freedom there,” Kaspersky says, referring to sites like Facebook. “Freedom
is good. But the bad guys—they can abuse this freedom to manipulate public
opinion.”
These are not exactly comforting words from a man who is
responsible for the security of so many of our PCs, tablets, and smartphones.
But that is the paradox of Eugene Kaspersky: a close associate of the autocratic
Putin regime who is charged with safeguarding the data of millions of Americans;
a supposedly retired intelligence officer who is busy today revealing the covert
activities of other nations; a vital presence in the open and free Internet who
doesn’t want us to be too free. It’s an enigmatic profile that’s on the rise as
Kaspersky’s influence grows.
Eugene Kaspersky was a bright kid. At 16 he was accepted to a
five-year program at the KGB-backed Institute of Cryptography, Telecommunications, and
Computer Science. After graduating in 1987, he was commissioned as an
intelligence officer in the Soviet army. A quarter century after the fact, he
still won’t disclose what he did in the military or what exactly he studied at
the institute. “That was top-secret, so I don’t remember,” he
says.
Kaspersky is more open about the day in October 1989 when a
virus first infected his computer. It was a playful little thing called Cascade that made the characters on a PC screen tumble to the
bottom like Tetris blocks. Curious, Kaspersky saved a copy of the
virus on a floppy disk to study how the code worked. A couple of weeks later he
encountered a second virus, and then a third. His interest grew with each
discovery. “For Eugene, it was an addiction,” his friend Alexey De Mont De Rique
says. Each time a new virus appeared, Kaspersky would “sit in front of the
computer for 20 hours straight,” trying to pick it apart, De Mont De Rique
recalls. In the small world of antivirus
researchers, the Soviet officer quickly made a name for himself.
By the early ’90s, Kaspersky wanted out of the army so he
could study viruses full-time. There was one small problem: “It was almost not
possible,” he explains. The only way to get out was to go to jail, get sick, or
prove yourself to be extremely incompetent. Kaspersky’s old instructor at the
Institute of Cryptography had a company that sold everything from athletic shoes
to PCs. Somehow—Kaspersky won’t answer questions about this either—the former
professor was able to get Kaspersky a discharge and hire him. Kaspersky’s wife,
Natalya, and De Mont De Rique soon joined him at the
company.
In 1997 the three of them went into the antivirus business for
themselves. Their software was advanced for the time. They were the first to allow users of Internet
security software to watch malware operate in an isolated “sandbox,” quarantined
from the rest of the computer; they were among the first to store entire
programs in a virus database. The young company flourished even as
Kaspersky’s marriage to Natalya fizzled. The couple divorced in 1998, but she
continued to handle sales and finance while he worked in the “virus lab,”
classifying new threats himself. “The typical analyst would process maybe 100
pieces of new malware a day,” says Aleks Gostev, one of Kaspersky’s top
researchers. “Eugene would do 300.”
Today Kaspersky Lab employs about 200
virus researchers—some in the US and China, but the bulk of them in a converted
electronics factory 6 miles northwest of the Kremlin. On a sunny April
morning when I visit, the old factory feels more like a grad school, with
tattooed twentysomethings from across the former Soviet Union roaming the
curved halls. The school mascot seems to be Kaspersky himself. Some employees
wear Che Guevara T-shirts—with the boss’s face replacing the revolutionary’s. On
the walls are black-and-white photos of long-serving employees dressed in war
paint and moccasins like Native Americans. “Eugene the Great Virus Hunter,”
reads the caption under the CEO’s image—in which he’s drawing a bow and arrow.
Some 12,543 emails about suspicious programs came into the company just this
morning, bringing the grand total to nearly 7.8 million.
The accumulation happens
automatically. When a user installs Kaspersky software, it scans every
application, file, and email on the computer for signs of malicious activity. If
it finds a piece of known malware, it deletes it. If it encounters a suspicious
program or a message it doesn’t recognize—and the user has opted to be part of
the Kaspersky Security Network—it sends an encrypted sample of the virus to the
company’s servers. The cloud-based system automatically checks the code against
a “whitelist” of 300 million software objects it knows to be trustworthy, as
well as a “blacklist” of 94 million known malicious objects.
If the code can’t be found on either of these lists, the system analyzes the program’s behavior—looking at whether it’s designed to make unauthorized changes to the computer’s configuration options, for example, or whether it constantly pings a remote server. Only in the rare instance that the system is stumped will one of Kaspersky’s T-shirt-clad virus researchers step in. They’ll characterize the code by function: password stealer, bogus web page server, downloader of more malicious programs. Then they’ll suggest a “signature” that can be used to spot and filter out the malware in the future. In just minutes, a software update that incorporates these new signatures can be pushed out to Kaspersky’s tens of millions of users.
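The triage flow described above, sketched as an added example; it is not Kaspersky's code and not part of the original article. The SHA-256 object IDs, behavior names, weights, and thresholds are constructed assumptions, and a plain file hash stands in for the "signature" an analyst would suggest.

```python
import hashlib
from dataclasses import dataclass, field

# Constructed behavior flags and weights. The article names only the first
# two kinds of behavior; the third is an assumed benign indicator.
BEHAVIOR_WEIGHTS = {
    "modifies_system_config": 3,   # unauthorized configuration changes
    "beacons_to_remote_host": 2,   # constantly pings a remote server
    "writes_to_own_dir_only": -1,
}
MALICIOUS_AT = 4  # assumed: score at or above this is an automatic detection
CLEAN_AT = 0      # assumed: score at or below this is provisionally clean


def object_id(sample: bytes) -> str:
    """Identify a submitted object by its SHA-256 digest (an assumption)."""
    return hashlib.sha256(sample).hexdigest()


@dataclass
class TriageService:
    whitelist: set = field(default_factory=set)     # trusted object IDs
    blacklist: dict = field(default_factory=dict)   # object ID -> category
    analyst_queue: list = field(default_factory=list)

    def triage(self, sample: bytes, behaviors: list) -> tuple:
        """Return (verdict, reason) for one submitted sample."""
        oid = object_id(sample)
        # Step 1: list lookups. A known-good object is never re-scored.
        if oid in self.whitelist:
            return ("clean", "whitelist")
        if oid in self.blacklist:
            return ("malicious", "blacklist:" + self.blacklist[oid])
        # Step 2: behavior analysis for objects on neither list.
        score = sum(BEHAVIOR_WEIGHTS.get(b, 0) for b in behaviors)
        if score >= MALICIOUS_AT:
            self.blacklist[oid] = "behavioral"  # later copies hit step 1
            return ("malicious", "behavior:%d" % score)
        if score <= CLEAN_AT:
            # Provisional only: a behavior verdict never adds to the whitelist.
            return ("clean", "behavior:%d" % score)
        # Step 3: the system is stumped, so a human analyst decides.
        if oid not in self.analyst_queue:
            self.analyst_queue.append(oid)
        return ("pending", "analyst")

    def publish_signature(self, sample: bytes, category: str) -> str:
        """Analyst verdict: record the category so future copies are caught."""
        oid = object_id(sample)
        self.blacklist[oid] = category
        if oid in self.analyst_queue:
            self.analyst_queue.remove(oid)
        return oid


def demo() -> list:
    """Run constructed samples through the pipeline and collect verdicts."""
    svc = TriageService(
        whitelist={object_id(b"constructed: trusted installer")},
        blacklist={object_id(b"constructed: old downloader"): "downloader"},
    )
    unknown = b"constructed: never-seen binary"
    results = [
        svc.triage(b"constructed: trusted installer", []),
        svc.triage(b"constructed: old downloader", []),
        svc.triage(unknown, ["beacons_to_remote_host"]),   # ambiguous score
    ]
    svc.publish_signature(unknown, "password stealer")     # analyst steps in
    results.append(svc.triage(unknown, []))                # now a list hit
    return results


if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```

The last call in `demo()` shows the feedback loop: once the analyst's verdict is published, the same object is caught at the list lookup without behavior analysis or human review.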
This is the core of the $600-million-a-year business that grew out of
Kaspersky’s virus hobby. It’s really not all that different from the way US
security companies like Symantec or McAfee operate globally. Except for the fact
that in Russia, high-tech firms like Kaspersky Lab have to cooperate with the
siloviki, the network of military, security, law enforcement, and KGB
veterans at the core of the Putin regime.
The FSB, a
successor to the KGB, is now in charge of Russia’s information security, among
many other things. It is the country’s top fighter of cybercrime and also
operates the government’s massive electronic surveillance network.
According to federal law number 40-FZ, the FSB can not only compel any telecommunications business to install “extra hardware and software” to assist it in its operations, the agency can assign its own officers to work at a business. “Rule number one of successful companies here is good relations with the siloviki,” says one prominent member of Russia’s technology sector.
Kaspersky says the FSB has never made a request to tamper with his
software, nor has it tried to install its agents in his company. But that
doesn’t mean Kaspersky and the security agency operate at arm’s length. Quite
the opposite: “A substantial part of his company is intimately involved with the
FSB,” the tech insider says. While the Russian government has used currency restrictions to
cripple a firm’s international business in the past, Kaspersky faces no such
interference. “They give him carte blanche for his overseas operations, because
he’s among the so-called good companies.”
Next door to the Moscow
virus lab is the home base for another arm of the operation—a team of elite
hackers from around the world that Kaspersky hand-selected to investigate new or
unusual cybersecurity threats. Kaspersky calls this his Global Research and
Expert Analysis Team—GREAT, for short. Two of them are waiting
for me in their office. Sergei Golovanov sports rectangular glasses and a beard
out of a ’90s nu-metal video. Aleks Gostev is skinny as a rope and has dark
circles under his eyes.
With Kaspersky’s encouragement, GREAT has become increasingly active in
helping big companies and law enforcement agencies track down cybercriminals.
Gostev assisted Microsoft in its takedown of the Kelihos botnet, which churned out
3.8 billion pieces of spam every day at its peak. Golovanov spent months chasing
the Koobface gang, which suckered social media users out of an
estimated $7 million.
One of GREAT’s frequent partners in fighting cybercrime,
however, is the FSB. Kaspersky staffers serve as an outsourced, unofficial geek
squad to Russia’s security service. They’ve trained FSB agents in digital
forensic techniques, and they’re sometimes asked to assist on important cases.
That’s what happened in 2007, when agents showed up at Kaspersky HQ with
computers, DVDs, and hard drives they had seized from suspected crooks. “We had
no sleep for a month,” Golovanov says. Eventually two Russian virus writers were
arrested, and Nikolai Patrushev, then head of the FSB, emailed
the team his thanks.
Kaspersky’s public-sector work, however, goes well beyond Russia. In May,
Gostev and Kaspersky were summoned to the Geneva headquarters of the
International Telecommunication Union, the UN body charged with encouraging
development of the Internet. The Russians were ushered into the office of ITU
secretary-general Hamadoun Touré, where the Soviet-educated satellite engineer
told them that a virus was erasing information on the computers of Iran’s oil
and gas ministry. This was coming just two years after the discovery of the
Stuxnet worm, which had damaged Iran’s centrifuges. Touré asked Kaspersky
to look into it.
Back at the lab, analysts from GREAT began combing through
archived reports from customers’ machines. One file name stood out: ~DEB93D.tmp.
The virus was eventually found on 417 customers’ computers—398 of which were in
the Middle East, including 185 in Iran. Some machines had been infected since
2010, but the file had never been deeply analyzed. The researchers were able to
isolate one piece of the malicious code—and then another and
another.
One module of the software surreptitiously turned
on a machine’s microphone and recorded any audio it captured. A second collected
files, especially design and architectural drawings. A third uploaded captured
data to anonymous command-and-control servers. A fourth
module, with the file name Flame, infected other computers. The analysts
discovered about 20 modules in all—an entire toolkit for online espionage. It
was one of the biggest, most sophisticated pieces of spyware ever discovered. In
honor of the transmission program, the researchers called it Flame. On May 28, a Kaspersky
analyst announced what the team had found.
The spyware was too complex for simple crooks or hacktivists,
the researchers said. Flame had been coded by professionals, almost certainly at
a government’s behest. The company called it a cyberweapon and speculated that
it was related to Stuxnet.
On June 1, The New York
Times revealed for the first time that the White House had, in fact, ordered the deployment of Stuxnet as part of a
sophisticated campaign of cyberespionage and sabotage against Tehran. Then, on
June 19, The Washington Post was able to confirm that Flame was yet another part of this shadow war against
Iran. Kaspersky had outed—and in effect killed—it.
For Kaspersky, exposing Flame reflects his company’s broader ambition: to
serve as a global crime-stopper and peacekeeper. Malware has evolved
from a nuisance to a criminal tool to an instrument of the state, he
says, so naturally he and his malware fighters have grown in
stature and influence too. “My goal is not to earn money. Money is like oxygen:
Good idea to have enough, but it’s not the target,” he says. “The target is to
save the world.”
In a locked room down the hall from his office, Kaspersky is working on a secret project to fulfill that lofty ambition. Not even his assistant has been allowed inside. But after we’ve spent a day together—and knocked back a few shots of Chivas 12—he unlocks the door and offers me a peek. It’s an industrial control system, a computer for operating heavy machinery, just like the ones that Stuxnet attacked (and, Kaspersky researchers believe, Flame may also have targeted).
Kaspersky’s team is quietly working on new ways to harden these systems against cyberattack—to protect the power grids and prisons and sewage plants that rely on these controllers. The idea is to make future Stuxnets harder to pull off. The controllers haven’t been engineered with security in mind, so the project is difficult. But if it succeeds, Kaspersky’s seemingly outsize vision of his company’s role in the world might become a little less outlandish.
In the meantime, there’s always politics.
Kaspersky has cultivated the image of a wild man with
cash to burn—the flamboyant say-anything, do-anything, drink-anything
gazillionaire. In Asia, he’s clowned around in TV commercials with Jackie
Chan. In Europe, Kaspersky sponsors the Ferrari Formula One team and goes on
Dublin pub crawls with Bono. Back in Russia, he throws New Year’s parties for
1,500. The most recent one had a rock-and-roll theme; Kaspersky took the stage
in a Harley jacket. Last summer he took some 30 people to Russia’s Kamchatka
Peninsula for a volcano-hiking excursion. Then there are the Kaspersky Lab
conferences disguised as boozy getaways (or perhaps vice versa): the “analysts’
summit” on Spain’s Costa del Sol, the “VIP executive forum” in Monte Carlo, the
“press tour” in Cyprus, the whatever-it-was thing in Cancun.
All of this might lead some to dismiss Kaspersky as a dilettante plutocrat who drinks single-malt and gets made up for TV while his employees do the real technical work. But the critics would be missing the point: One of the systems Kaspersky is now trying to hack is politics, and his antics are part of the act. Every trip to Shanghai’s Formula One race or the London Conference on Cyberspace is another chance to court diplomats and politicians, another chance to extend his company’s influence.
And one of his goals is to persuade policymakers to refashion the Internet into something more to his liking—and, as it happens, something more to the liking of the Putin government as well.
In one hotel ballroom after
another, Kaspersky insists that malware like Stuxnet and Flame should be banned
by international treaty, like sarin gas or weaponized anthrax. He argues that the Internet should be partitioned
and certain regions of it made accessible only to users who present an “Internet
passport.” That way, anonymous hackers wouldn’t be able to get at sensitive
sites—like, say, nuclear plants. Sure, it might seem like we’d be
sacrificing some privacy online. But with all the advertisers, search engines,
and governments tracking us today, Kaspersky argues, we don’t really have any
privacy left anyway. “You can have privacy if you live somewhere in the jungle or the
middle of Siberia,” he recently told a confab in the
Bahamas.
The Internet grew from a network of researchers to the global nervous
system in large part because practically anyone was able to access any part of
it from anywhere—no ID needed. And the values of openness, freedom, and
anonymity became deeply embedded in net culture and in the very architecture of
the network itself. But to Kaspersky, these notions no longer work: By
“protecting our right to freedom we actually sacrifice it! We sacrifice the
right to safe Internet surfing and to not get infected by some nasty piece of
malware at every step.”
The idea of stripping some amount of privacy from the Internet
is gaining traction in many sectors, thanks at least in small part to
Kaspersky’s lobbying. In Cancun, he was joined onstage by Alexander Ntoko, a top
official at the International Telecommunication Union. “Why don’t we have
digital IDs as a de facto for everybody?” he asks. “When I’m going to my bank,
I’m not going to cover my face.” In other words, why should things be any
different online?
The ITU was once a bureaucratic backwater. In recent
years, however, the Russian and Chinese governments have been pushing to give the agency a central role in governing the
Internet. Instead of the US-dominated nonprofits that currently coordinate
domain names and promote technical standards, they want to turn authority over
to a gathering of national governments represented by the ITU. It’s a move that
one of the Internet’s creators, Vint Cerf, told Congress risks “losing the open and free Internet,” because it
would transfer power from geeks to government bureaucrats. The ITU is set to
revisit the 24-year-old treaty governing
international telecommunications in December.
Whether or not it secures this power, the ITU has found a willing ally in
Kaspersky. When he traveled to ITU headquarters in Geneva, a few months after
Cancun, Kaspersky not only agreed to look into the attacks on the Iranian oil
ministry, he also told ITU chief Touré that he would assign some of his top
researchers to be on call to help the organization with any future
investigations. It’s a good deal for both men. Kaspersky gets to extend his
influence—and maybe catch the next big cyberweapon. Touré and the ITU get a
personal cybersecurity team.
But Kaspersky’s closest political ties remain in Russia. As
one of his country’s most successful technology entrepreneurs—and, in many ways,
Russia’s spokesman for all things Internet—Kaspersky has hosted former president
and current prime minister Dmitry Medvedev in his offices;
Medvedev, in turn, appointed Kaspersky to serve in Russia’s Public Chamber,
which is charged with monitoring the parliament.
Kaspersky and the Moscow government have espoused strikingly
similar views on cybersecurity. This goes beyond the security industry’s basic
mission of
keeping data safe. When Kaspersky or Kremlin officials talk about responses to
online threats, they’re not just talking about restricting malicious data—they
also want to restrict what they consider malicious information, including
words and ideas that can spur unrest.
Kaspersky can’t stand social networks like Facebook or its Russian
competitor, VK (formerly known as VKontakte). “People can manipulate others with
the fake information,” he says, “and it’s not possible to find who they are.
It’s a place for very dangerous action.” Especially dangerous, he says, is the role of
social networks in fueling protest movements from Tripoli to Moscow, where
blogger Alexei Navalny has emerged as perhaps the most important
dissident leader and sites like VK and LiveJournal have helped bring tens of thousands of people into the streets.
Kaspersky sees these developments as part of a disinformation campaign by
antigovernment forces to “manipulate crowds and change public
opinion.”
Nikolai Patrushev—the former FSB chief who now serves as Putin’s top security adviser—makes a nearly identical case. In June he told a reporter that outside forces on the Internet are constantly creating tensions within Russian society. “Foreign sites are spreading political speculation, calls to unauthorized protests,” he says.
Russia’s government and its most famous technology
entrepreneur have long had each other’s backs, cooperating on cybercrime
investigations and supporting each other’s political agendas. But the two became
utterly intertwined at 6:30 in the morning on April 19, 2011, when Kaspersky’s
cell phone rang in his London hotel room. According to the caller ID, it was
Ivan, Kaspersky’s 20-year-old son. But the voice on the other end was not Ivan.
It was an older man who politely told Kaspersky: “We’ve got your son.”
Outwardly, Kaspersky didn’t
react to the news of Ivan’s kidnapping. He said he was tired and asked the
caller to ring him back later in the morning—which the caller did, from another
number. This time, Kaspersky said he was in an interview and told the guy to
make a third call.
It was a ploy, a stall for time while Kaspersky hurriedly reached out to
his corporate security manager, who reached out to the FSB. Ordinarily the
Russian intelligence service isn’t in the business of freeing kidnap victims.
But Ivan Kaspersky wasn’t your average abductee. “My first thought was that this
is serious. Second, immediately call the FSB. And third, they are stupid to
attack me,” Kaspersky says. “I was 100 percent sure—well, 99 percent sure—that
FSB and police would find them. We have very good relations with both the FSB
cybersecurity department and the Moscow police department. They know us. They
know us as people who support them when they need it. They started to work like
crazy.”
That night Kaspersky took the red-eye back to Moscow. He
plodded his way through the morning rush hour, his phone ringing every few
minutes. As the kidnappers made their demands—3 million euros in denominations
of 500—they tried to cover their tracks, switching cell phones and SIM cards
constantly.
But with every call, the kidnappers were giving the FSB more data to track them
down.
Kaspersky arrived at a police station in central Moscow and promptly
passed out from anxiety and exhaustion. He and his ex-wife stayed there for the
next four days, pacing the halls while the FSB pored through call records and
the Moscow cops staked out a suburban cabin where they believed Ivan was being
held. After a few days, the officers lured the kidnappers out of the house with
the promise of a ransom payment. They were captured without a shot. Ivan was
freed, a little grimy—there was no running water in the cabin—but otherwise
fine. “It was probably the only period in his life when he was reading books,”
jokes his mother, Natalya Kaspersky, who met him at the
scene.
At first, Kaspersky publicly blamed himself for not adequately protecting
his family. But later he started blaming something else: VK. Kaspersky said that
the Russian social network had tempted Ivan into posting his address, phone
number, even details of his internship at InfoWatch, Natalya’s security
company.
“Social networks shouldn’t encourage users to post that sort of information. If a
site asks for private information, then criminal charges should be brought
against it in the event of a leak,” Kaspersky told Russia’s RT television
channel in October. Widely viewed as a Kremlin propaganda outlet, RT aired the remarks as part of a
documentary on the death of online privacy and the dangers of social networks,
with Ivan’s kidnapping as a primary example. The program encouraged people to
protect themselves by dropping offline completely. As it happened, the
documentary ran just as online opposition to the ruling party was starting to
bubble up. In the months that followed, top bloggers and activists were detained
by the government, and the FSB tried (unsuccessfully) to force VK to purge the
pages of some groups from its network.
The Kaspersky kidnapping ended up being a tool for the ruling
party. But according to Natalya, the whole kidnapped-because-of-VK story is
nonsense. “They found him on social networks? It’s not true. They followed him
for a month or more. They knew all his ways, where he is going, whom he
contacts,” she says. Yes, Ivan posted an address online—“a false address from an
old house.” There’s no way, she says, that this helped the
kidnappers.
So why did Eugene Kaspersky publicly blame VK? Perhaps
Kaspersky simply let his emotions get the better of him—his son had been
kidnapped, after all. Perhaps he mistook the fake address Ivan posted for a real
one. Whatever the reason, in the end, the son’s kidnapping became a way to
attack the father’s political foes.
Eugene Kaspersky now travels in Moscow with a team of bodyguards.
He moved to a duplex in a gated community bordering a park—better for keeping
his girlfriend and their infant son safe, he explains. A wraparound balcony
overlooks the still-frozen Moskva River and the site of Kaspersky Lab’s new
five-story headquarters. To the left you can almost see Kaspersky’s childhood
home: a one-room shack originally built for prison laborers in the Stalin
era.
It’s an early Sunday afternoon in late April. Kaspersky,
smoking a Chinese cigarette, is wearing the same bargain-rack striped shirt he
was wearing Friday. His mother, who also lives in the complex, heats up blintzes
and opens some canned caviar. Up close it becomes clear that Kaspersky’s image
as a mega-rich, hyperconnected playboy is mostly an act. In truth, he stays away
from Russia’s oligarchs, whom he sees as little different from the cybercrooks
he chases. He views his move into politics as a necessary evil, an offer he’s in
no position to refuse. Kaspersky doesn’t bother with political rallies or
Moscow’s famously immoderate nightlife; he’d rather be in an airplane seat on
his way to some conference to share ideas with other technophiles. When he goes
to places like Kamchatka, he says, he takes employees or clients. “I don’t have
any friends outside of work.”
While critics assume
that Kaspersky’s company is a virtual arm of Russian intelligence, he and his
staff insist, not unconvincingly, that their work with the FSB has its
limits. They argue that using its software to spy on users would
undermine the company’s credibility worldwide; it would be like the local
locksmith moonlighting as a cat burglar. That credibility is at the heart of
Kaspersky Lab’s business. Without lots of customers, there would be no Kaspersky
Security Network, no database of known threats or tally of infected
machines.
Yes, Kaspersky publicly touts a Kremlin-friendly line. But in
Putin’s Russia, executives who neglect to do so have a disturbing habit of
winding up in jail or being forced into exile. Besides, you don’t need to be a
Moscow crony to push against free speech and privacy online. Plenty of Western
officials are doing that too.
Until 2011, Italians had to present their ID cards before using Wi-Fi at an Internet café. The European Commission is now mulling a continent-wide system of “electronic authentication.”
British prime minister David Cameron contemplated cracking down on social media after the 2011 London riots. And retired US vice admiral Mike McConnell wrote in The Washington Post about the “need to reengineer the Internet to make attribution … more manageable.” He previously served as US director of national intelligence—America’s top spy.
In many ways, the
relationship between the Kremlin and Kaspersky Lab is the same as the one
between Washington and the big US security companies. Moscow gives millions to
Kaspersky to help secure government networks—much as the Pentagon pours millions
into contracts with McAfee and Symantec. Kaspersky helps the FSB track down
cybercrooks; McAfee and Symantec work with the FBI. Kaspersky employees brief
the Duma, Russia’s parliament; American researchers brief Congress and the White
House. These security firms have all become key players in their home countries’
network defenses and in cybersecurity investigations
worldwide.
But while the American and Russian companies are similar,
there are important differences. Stuxnet was a highly classified US operation
serving one of the government’s top geopolitical goals. Symantec, a US company,
went after it anyway. It’s hard to find a similar case of
Kaspersky and the Kremlin working at cross-purposes.
In December 2011, Kaspersky came under criticism for appearing
to do the opposite—ignoring an act of online criminality when it was politically
convenient. On the eve of Russia’s parliamentary elections, massive
denial-of-service attacks brought down social networks like LiveJournal, media
outlets like Kommersant.ru, and the independent election watchdog Golos. It
seemed to be a politically motivated hit on potential opponents and critics of
the ruling regime. Yet Kaspersky Lab—which boasts that its software can spot and
fight DDoS attacks—denied the existence of any such activity. “We detected none. Very strange,” Kaspersky tweeted. The next
day he wrote on his blog that the attacks actually had been detected, but he
speculated that many of the sites were victims of technical problems or perhaps
their own popularity.
Kaspersky denies that he blew off the DDoS attacks in an
attempt to curry favor with the ruling powers. (Then he claims that pro-Putin
sites got hit by the online strikes as well.) But Andrei Soldatov, a muckraking
investigative journalist whose Agentura.ru site was hammered in the attacks, has
a very
different view: “I cannot explain Kaspersky’s ignorance by anything but
conscious intention to take the Kremlin’s side, a position very weird for the
independent expert he claims to be.”
Kaspersky’s office has just the trappings you’d expect for someone
who rose from a kid in a shack to become a continent-hopping mogul: a Ferrari
racing jacket, boxes of his software in Chinese and German, a model of
SpaceShipTwo, the aircraft that’s going to fly well-heeled tourists to
the edge of the atmosphere (Kaspersky already has a $200,000 ticket). Late one
afternoon, he reaches into a small closet and pulls out a lab coat with his
company’s logo to show me. Behind that is a basketball jersey from the New
Jersey Nets, the NBA team owned by Russian billionaire Mikhail Prokhorov. At the
very back of the closet I glimpse the dark green dress jacket from Kaspersky’s
Soviet Army uniform. The garment is in pristine condition; it looks like it
could still be worn in a military parade.
There are plenty of Russian magnates content to use their
Kremlin connections and corruption-fueled profits to bully and buy their way
into the global arena. Kaspersky has long tried to play a different game: He’s
an international entrepreneur and thinker who is from Putin’s Russia, but not of
it. Kaspersky’s financial success and influence is a testament to how skillfully
he has walked this fine line. Yet the questions endure: Can a company so
valuable to Moscow’s government ever be truly independent of it? And what else
is hidden in the back of the closet, that the rest of the world can’t
see?
I go in for a closer look at the jacket. Kaspersky shuts the
door. “It’s nothing,” he says, walking out of the room. “Let’s find a
drink.”