INTERVIEW: Russian tech billionaire Kaspersky caught in cyber Cold War crossfire

INTERVIEW: Russian tech billionaire Kaspersky caught in cyber Cold War crossfire
Kaspersky Lab founder Eugene Kaspersky with Pope Francis. / Photo by Kaspersky Lab
By Jason Corcoran in Dublin September 29, 2016

Eugene Kaspersky, the Russian founder of the global software security firm, insists he is non-partisan in a new Cold War that increasingly utilises cyberwarfare to interfere with national politics.

In an exclusive interview with bne IntelliNews, Kaspersky says allegations that Russia was behind a recent attempt to sabotage Hillary Clinton's bid for the US presidency was “a political blame game”. Donald Trump, her main rival, urged Russia to hack into and release Clinton’s personal emails while the FBI said there was  a “weight of opinion” pointing to Moscow as the original source of the attack on the US Democratic party’s computers.

“There were some Russian-speaking ‘fingerprints’ and components so they could be Russians, but they could be international or mercenaries,” ventures Kaspersky, aged 50, speaking with bne IntelliNews in Dublin, a new focus of his company’s expansion. “Who knows? I really sense this is a really politically-motivated blame game.”

Cyber crossfire

Kaspersky and his firm, which has about 3,300 employees with offices in 32 countries, has increasingly been caught up in a cyber crossfire as relations between Moscow and the West  plummet over Russia’s involvement in conflicts in Ukraine and Syria. Reports by Western media, including the New York Times and Bloomberg News, claim Kaspersky is tight with the Russian intelligence services and is soft on Russian state-sponsored cyberattacks.

But Kaspersky, who trained as a cryptologist at a Soviet KGB-sponsored institute, insists his firm works with all law enforcement agencies and points to instances where his team have helped Interpol, Europol and other foreign police to bring cybercriminals to justice.

“In reality, there are three major languages in this area in targeted attacks and that’s native Chinese, native Russian and native English,” he says. “But everyone spies on everyone. Who is the best and who is the worst? I don’t know, because we don’t see all the victims and all the attacks. Many are very invisible and many are very professional, and maybe they will stay invisible forever.”

US officials blame hackers guided by the Kremlin for the attacks on Democratic National Committee (DNC) servers earlier this year that resulted in WikiLeaks publishing about 20,000 private emails just before Clinton was nominated by her party to run for the White House. The leaks showed attempts by party officials to smear her main rival Bernie Sanders.

Putin said the hacking of DNC documents was a service to the public, but denied accusations that Russia was involved. However, an investigation by US cybersecurity firm CrowdStrike traced the break-in to two groups it says are linked to the Russian intelligence services. One, Cozy Bear, it claims is linked to the Federal Security Service (FSB), the main successor to the KGB, while the other, Fancy Bear, it says is tied to a branch of the Ministry of Defence.

Dmitri Trenin, director of the respected Carnegie Moscow Centre, believes information warfare has become, alongside the geo-economics of sanctions and counter-sanctions, one of the principal battlefields in the new confrontation between Russia and the West.

“Some cases look like direct tit-for-tats,” Trenin said in a recent report. “The exposure of the DNC leadership secretly supporting one candidate against another and thus rigging the primary vote appears as payback for Hillary Clinton’s diatribes against Russia’s own flawed parliamentary elections of December 2011. The opening of World Anti-Doping Agency medical files shows that US Olympic champions did take banned drugs, while Russian athletes were banned en masse from participating in the Rio Games.”

Documents obtained by The Intercept last year indicate that the US National Security Agency (NSA) as well as the UK’s Government Communications Headquarters (GCHQ) targeted Kaspersky Lab. Citing documents leaked by whistleblower Edward Snowden, government agencies used what’s known as software reverse engineering to snoop on the Russian company’s private emails and lists of new malware that they had flagged.

While the attack succeeded in gaining access to data related to R&D and new technologies, Kaspersky said there was no disruption to any products or to their clients. “I don’t want to point the finger, but it was definitely a state-sponsored attack,” he says. “First of all, I was surprised and angry, but then I thought this is good news because we must be doing a good job if they want to know what we are working on right now.”

Who’s spooking who

Kaspersky is far from being a fan of Snowden despite the former NSA contractor’s revelations about spying against his firm. Snowden has lived in Moscow for the past three years after orchestrating the biggest leak in US intelligence history. Kaspersky says he has never met nor communicated with the American, who was offered a job by Vkontakte founder Pavel Durov.

“Snowden violated the contract with his employer, which is bad,” says Kaspersky, who once received an award from then President Dmitry Medvedev in the Kremlin. “I don’t respect this kind of behaviour. It’s the wrong way of fighting for freedom.”

Meanwhile, Kaspersky doesn’t spare much thought over Snowden’s fate, and whether he remains in Moscow or gets sent back to the US. “I don’t care, it’s not my game,” he says. “If they [Snowden] find something about my company and vulnerability about my products, we of course will research that. If they find anything about cybercriminals in my area, of course I will pay attention.”

Kaspersky is more ambivalent about the Kremlin’s new ostensibly anti-terrorist legislation, dubbed the “Big Brother” law by its critics – a package of repressive measures reminiscent of Soviet-era surveillance. Also known as the “Yarovaya” law amendments after their author MP Irina Yarovaya, the package adopted in June requires telecommunications operators and internet providers to save back-ups of incoming and outgoing traffic for at least six months.

“It’s good and bad at the same time,” he says. “The bad is that your private data will be stored for some period of time and it can be used against you. The good thing is that if there is some kind of criminal activity, it can help the authorities to investigate the case.”

The Russian daily Kommersant reported on September 22 that Kaspersky’s ex-wife Natalya was working with the Kremlin on the new laws, which may also allow the government to monitor and decrypt Russia’s online traffic in real-time. Natalya, a co-founder of Kaspersky Lab who quit in 2007, heads cybersecurity firm InfoWatch and is a member of the state IT and Sovereignty working group.

To combat the growth of cybercrime globally, Kaspersky has called for more cooperation between the superpowers and for malware to be banned by international treaty like Sarin nerve gas was. “Progress is going on, but not very fast,” he admits. “Countries are talking more and more to each other. For example, [US President Barack] Obama was speaking to the Chinese president and they agreed about decreasing the attacks on each nation. So now China is focusing more on Russia now,” he adds, laughing.

Kaspersky Lab has helped unearth many super-viruses, including Stuxnet, which is believed to be the first cyberweapon ever used for offensive purposes. Experts say the US and Israel developed Stuxnet to slow down Iran’s nuclear programme. In 2015, Kaspersky’s team unmasked the Equation Group, billing it as the most advance hacking group they had ever seen.

The largest issue for the industry is attacks on the financial sector, but the biggest threat in the future will be attacks on critical infrastructure, such as hospitals and nuclear plants, according to Kaspersky.

The firm even has five ATMs in its Moscow office from different lenders to help them to investigate cases and provide better data protection “Banks are suffering from thousands of attacks every day,” says Kaspersky. “The hackers are always looking for the weakest ones. Most of the attacks are not successful, but in some case they are successful and they get deeper and deeper.”

Virus kickstart

Kaspersky got into cybersecurity by chance after his computer became infected in 1989 with the ‘Cascade’ virus, which made characters on a screen tumble to the bottom like Tetris blocks. His education in cryptography helped him to analyse the encrypted virus, understand its behaviour and develop a tool to remove it.

By the time he was 24, he had created his first anti-virus software to protect his own computer. Eight years later, he founded Kaspersky Lab, which is now the fourth-biggest anti-virus product maker in the world.

The company, which has 460mn users and $711mn in annual revenue in 2014, is growing and expanding organically rather than through M&A. In 2012, Kaspersky surprised the market after canning plans for a New York IPO, arguing it would slow down decision-making and hinder long-term R&D investments. The fallout from the collapsed deal led to a raft of senior departures and the exit of a cornerstone investor, but he says “We have no plans to go public”.

“We behave almost like a public company insofar as we publish extensive financial data. We are self-funded and now we invest into cyber-security startups,” he says.

Ireland’s got talent

Meanwhile, Kaspersky, who has a net worth estimated at about $1.1bn, enthuses about his current expansion in Dublin after his firm chose the Irish capital for the site of its first R&D centre in the EU.

Instead of taking advantage of Ireland’s low corporate tax base, Kaspersky says he was attracted by the country’s IT talent. The Moscow-headquartered company is investing an initial €5mn in its Irish R&D operation and creating 50 jobs. “We don’t have any plans to have taxation here,” he says. “We pay our corporate taxes in London. We are a security company and we have to be 100% transparent and far away from any questions of trying to evade taxation.”

Despite the June Brexit vote, Kaspersky says he has no plans to quit the UK, where his company’s European head office and its holding company are located. That means the company pays 20% corporate tax in London, which is considerably more than Ireland’s low rate of 12.5%.  

IDA, the Irish state agency tasked with attracting inward investment, said the courtship with Kaspersky took two and a half years from the initial meeting to the operation’s launch. They hope Kaspersky can now lure other big Russian companies to Ireland and there have already been informal discussions with Internet giants and Yandex 

“Kaspersky is a brand name in Russia – it will help showing Russia what we have to offer,” said Martin Shanahan, chief executive of IDA.