Russian news site Meduza conducted an investigation into the ongoing conflict Kaspersky Lab faces as a Russian company susceptible to Russian intelligence infiltration and coercion, and BuzzFeed News is sharing that report in English.
The U.S. Department of Homeland Security (DHS) banned all federal agency use of Kaspersky software last September, saying it posed a national security risk. Co-founder and CEO Eugene Kaspersky has been pushing back.
Meduza and BuzzFeed News can reveal for the first time that the decline in fortunes of Kaspersky Lab was the result of an internal struggle for control that pitted allies of the Russian secret service against “tech-savvy” staff and Western investors. The managers within Kaspersky Lab ... with ties to Russia’s security agencies won that battle. But in so doing, they threaten to destroy everything the company has built outside Russia.
The ban that Trump signed resulted from rising concerns among US lawmakers and intelligence agencies that Kaspersky Lab’s software could be used by the FSB to access US government documents. The company says it conducted an internal investigation and found that no data was hijacked via Kaspersky’s antivirus product. But even as Kaspersky Lab denied the charges, files from the US’s National Security Agency were reportedly lifted from a computer with Kaspersky software installed, using a system that one former senior manager says can copy files from a user’s hard drive without their knowledge.
After opening with a story about the kidnapping of Kaspersky's son in 2011, the Meduza/BuzzFeed piece goes on to detail how Russian intelligence officials amassed more and more control within the company over the years and why it is reasonable to suspect Kaspersky's products are being used for espionage.
As the siloviki [a term used inside Russia to refer to politicians and others who formerly served as Russian security services officers] gained influence, they came into ever more conflict with the so-called tech-savvies. The main source of conflict was over the Kaspersky Security Network (KSN) system, which Nikolay Grebennikov, the head of the “tech-savvies” and the company’s technical director, would not allow the siloviki to access, the former senior manager said ...
The KSN, launched in 2012, allows Kaspersky software to examine any potentially threatening file on a user’s computer and compare it with other cases across the network. Previous antivirus software worked locally on computers, comparing infected files to problems in the program’s database. Moving to a “cloud solution” allowed the company to analyze and neutralize new viruses before they spread, Kaspersky Lab has argued.
But according to the former senior manager, who was involved with launching KSN, the product was referred to as “cyberintelligence” inside the company. The system can be run manually from a remote location, he told Meduza, meaning an employee of the Kaspersky Lab can download any file from a computer on which KSN is installed without its owner’s knowledge.
(...)
In a September 2017 memo outlining the government’s decision to ban Kaspersky products from federal government computers, the Department of Homeland Security noted that KSN users “agree to the transfer of a lengthy list of private data from user computers to Kaspersky servers,” which could be intercepted by the FSB.
Full story: Inside The Fight For The Soul Of Kaspersky Lab (BuzzFeed)