
What is Kaspersky Lab?


Founder ‘Eugene’ Kaspersky owns the logo in 1991 2012.

On Monday I read for the first time about something that Kaspersky Lab, a Russian anti-virus software company, calls the “Equation Group”. The Equation Group is the latest ‘tech scare’ coming from the NSA– sorry, that Kaspersky strongly suggests comes from the NSA. The NSA’ers are back and they’re more devious than you’ve ever seen them before!

My understanding is that Kaspersky Lab has not uncovered previously unknown spying tools, but has found out interesting details about already identified ones. For instance, the NSA developed thumb drive software that detects when the drive is used in computers which don’t have an internet connection (this helps the NSA map ‘air-gapped’ computer systems); and software that runs at such a basic level that it can’t be erased, or even monitored on your computer, so that the NSA has your machine forever. You can read Kaspersky’s press release here, but this is the pertinent quote:

The Equation group is probably one of the most sophisticated cyber attack groups in the world; and they are the most advanced threat actor we have seen.

Kaspersky’s revelations are often trumpeted in the American press, for instance, the American-Israeli STUXNET virus that ‘got away’ and endangered every nuclear reactor on the planet. ‘Equation Group’ is no exception: Wired, Ars Technica, International Business Times, etc. have all sounded off on the NSA’s latest super-villain weapons. You’ll remember Wired as the outfit that let Kevin Poulsen write an article about his fellow Freedom of the Press Foundation Technical Advisory Board member, Runa Sandvik, and her TOR party with Snowden.

The American press associates three adjectives with the Equation group: “sophisticated”, “threat”, “expensive”. It *appears* that Kaspersky Lab has just cost the NSA a lot of money. On Monday I wondered if Kaspersky had experienced any retaliation from this, so I posted the following question on the blog of Kaspersky Lab’s lead researcher Costin Raiu:

This report and the work you detail in the post are awesome achievements Costin; congrats to you and the team at Kaspersky. Have you or Kaspersky Labs received any blowback from either the US government, or any organization, for making these revelations?

Although Costin makes an admirable effort to address the questions which are posted on his blog– no matter how trivial– he hasn’t touched this one and I’m beginning to think he never will. I suspect the reason is because Kaspersky hasn’t received any (real) blowback.

I’ll remind readers that the NSA likes to ‘leak’ about its vast technical superiority. The first NSA leaks ever, Perry Fellwock’s leaks, were sensationalist accounts of the NSA’s masterful capabilities against the struggling Russians; they were also leaked to David Horowitz, who was/is probably an American intel asset. You could view ‘Snowden’s revelations’ as a backhanded compliment to the NSA too– they don’t seem to have inspired self-examination in the ‘intelligence community’. And now, in 2015, we have a Russian firm proselytizing.

A KGB-tainted Russian firm, no less.

Bloomberg News, America’s portal to the business world, recently accused Kaspersky Lab founder, Evgeny ‘Eugene’ Kaspersky, of having KGB ties. The article says that Kaspersky Lab only investigates American espionage outfits, not Russian ones. Kaspersky posted a typical reply saying that US investigator FireEye, a CIA-funded In-Q-Tel concern, did all the work on Russian threats for them: “FireEye did some great research, so publishing our own after theirs made no sense.”

In the Midwest, we call this ‘one hand washing the other’.

Bloomberg’s KGB accusations are actually not the first against Kaspersky. Wired’s Noah Shachtman broke the ice in 2012:

But Kaspersky’s rise is particularly notable—and to some, downright troubling—given his KGB-sponsored training, his tenure as a Soviet intelligence officer, his alliance with Vladimir Putin’s regime, and his deep and ongoing relationship with Russia’s Federal Security Service, or FSB.

Back in 2012 Kaspersky wrote a blog post denying these allegations, and frankly, Shachtman doesn’t seem to have slowed Kaspersky down. Right now, in 2015, many Western media outfits like the New York Observer, PC Magazine, The Moscow Times have already given ‘Eugene’ a platform from which to refute Bloomberg’s claims. (The English-speaking public has a long history of coping with the Russian name Evgeny, so to me the use of ‘Eugene’ seems disingenuous and smarmy.)

I consider the ruckus around Kaspersky’s KGB ties to be evidence of the US media’s extreme cynicism and hypocrisy. Of course Kaspersky has KGB ties. Guess what? He’s also got ties with the NSA. Back in early 2014, Kaspersky was on the bandwagon screaming that Snowden was a “traitor” who “belongs in the ninth circle of hell”; Kaspersky behaved just like ex-NSA head Michael Hayden and MI5 hag Dame Stella Rimington. Kaspersky went on record saying that his Lab wouldn’t hire Snowden nearly one year before I, and probably most laypeople, had seen through Edward. This makes me suspect that Kaspersky’s relation to the NSA and/or the CIA is of the ‘contractor’ nature. I’ll go out on a limb and say that the NSA likes Kaspersky’s KGB ties and probably encourages the anti-virus oligarch to snuggle up to the Kremlin as much as possible– then come Stateside for a cup’a joe.

What Bloomberg should be asking is not whether Kaspersky Lab has KGB ties, but which espionage outfit he’d side with on the occasion that the NSA’s and the FSB’s interests collide. As I’ve written elsewhere, these two espionage operations have strong incentives to cooperate (for instance, manipulating Islamic extremists) and have obviously done so with respect to Edward Snowden; if the Rooskies were 100% antagonistic to the Americans, they’d have sent Edward home with a white cone on his head. (Which makes the forced landing of the Bolivian diplomatic plane in 2013 a meaningless bit of theater, doesn’t it?)


Click for Kaspersky’s “Equation Group” Victims Map. The only “Islamic Scholars” targeted are in the USA and the U.K.; i.e. the ones we let in.

The FSB/KGB and NSA/CIA cooperation has sound historical precedents too: the CIA’s founders– particularly William Donovan– actively sought to cultivate partnerships with Russian intelligence agencies and to hide these partnerships from Congress and the American people. Donovan worked with the Rooskies on the sly because J. Edgar Hoover advised him to: Hoover understood that such partnerships would be (correctly) identified as contrary to the public interest. The OSS and its daughter, the CIA, have always existed to lie to and manipulate the voting public; little has changed.

I believe that all of the KGB connections which Wired and Bloomberg accuse Kaspersky of are true. However, the American media– which is deeply captured by US intelligence– has given Kaspersky more than ample opportunity to refute these claims. I’ll also point out that Kaspersky keeps some high-level company, according to Noah Shachtman at Wired:

Over the past 72 hours, Kaspersky explains, he flew from Mexico to Germany and back to take part in another conference. “Kissinger, McCain, presidents, government ministers” were all there, he says. “I have panel. Left of me, minister of defense of Italy. Right of me, former head of CIA. I’m like, ‘Whoa, colleagues.'”

Bloomberg take note: “Whoa, colleagues.”

In his biography Honorable Men, William Colby, the CIA chief who cooperated with KGB assets, strongly suggests that Henry Kissinger also cooperated with Russian heavies and kept the CIA in the dark about the cooperation– Colby says he doesn’t blame Kissinger for doing so! My point is, at the top of the pile there’s little to distinguish KGB from CIA from NSA from FSB. It’s all about who is useful when– the little people on the bottom are just collateral damage.

Our government doesn’t have to be this way; but in order to fix things the general public needs to understand the nature of the people who are exploiting them. I’m going to continue writing about Kaspersky to that goal, but my post on Colby’s second wife, The Ambassadress, deals with the same ‘sickness’.

When Kaspersky isn’t hobnobbing with Henry Kissinger or ex-CIA chiefs, he’s beating the American porn industry on its own turf: the US legal system. Kaspersky recently “won” a case brought by an ad agency that claimed “trade libel” because Kaspersky blocked their software on obscenity grounds– a Washington judge threw the case out. Usually in the USA, porn wins by wrapping itself in the flag while its ‘amen choir’ in the media sing “Free Speech!”. It looks like this Russian can trump pornographers’ interests.

Kaspersky’s ‘anti-virus’ products are selling well in the USA; his company has a strong American presence; he’s been lauded by the American Chamber of Commerce in Moscow. Kaspersky has been flattered as a ‘Top 100 Global Thinker’ by Foreign Policy magazine (US government mouthpiece); Kaspersky was named a “top innovator” by CRN, which “salutes the most influential and innovative channel executives in North America”; and ‘Eugene’ won the V3 Technology Award, just like Steve Jobs. But that’s not all: Russian President Dmitry Medvedev gave Kaspersky the Russian Federation National Award in Science and Technology; he’s won China’s National Friendship Award; and he’s been granted an honorary doctorate from the U.K.’s Plymouth University.

In fact, Kaspersky Lab’s holding company is registered in the United Kingdom and Kaspersky’s first wife and business partner Natalya (not ‘Natalie’) was trained in the early 1990s by the U.K.’s Open University. Most Russians were struggling to find food when Natalya was getting her British degree– and most British billionaires were looking for an ‘in’ on Yeltsin’s corrupt privatizations.

On closer inspection Kaspersky Lab looks more like an Anglo-American multinational than a Russian firm. (Natalya’s corporate offshoot is now heavily invested in German tech companies.) Kaspersky’s ex has also come out in support of Putin’s internet censorship, according to The New York Times:

Natalya Kaspersky, chief executive of InfoWatch, a software company that provides data protection services, said some new restrictions were needed in Russia to protect children and that the fears of government censorship seemed overblown.

“We might argue if such ‘black list’ approach is efficient in the modern Internet assuming the sites might quickly move to another address,” Ms. Kaspersky wrote in an e-mail. “However, it is better than nothing.”

She added, “Right now we have a tremendous freedom of speech in mass media, with no prohibited topics at all.”

If Natalya had changed her name to ‘Natalie Casperson’, she’d probably be sitting on McAfee’s board right now!

I think I’ve made my point about Kaspersky’s backing. Kaspersky is particularly useful because of his KGB roots: unsophisticated people will assume ‘KGB-aligned’ means ‘not American controlled’. The next question is: how is ‘Eugene’ using the platform he’s been given?

When Kaspersky isn’t blogging about his exotic holidays, he’s calling for global cooperation to combat internet “threat actor” abuses. We all need to band together to protect a couple of thousand “prestigious” targets from NSA attacks– no doubt by installing products that Kaspersky will have designed. In 2012 at the ITU Telecom World conference, Kaspersky gave his audience an idea of what such products might look like:

In his keynote address, Eugene Kaspersky described the essential measures to protect industrial control systems. A new, secure unit to obtain trusted workflow information is the first step towards an efficient protection against cyber-warfare. In response to such challenges, Kaspersky Lab is working on a Secure Operating System, which will serve as the trusted node for Industrial Control Systems.

That was one year before Snowden told the world about the NSA’s horrific industrial espionage capability. Kaspersky was already positioning himself to benefit from the fallout.

There are a couple of things going on with Kaspersky’s ‘Equation’ revelations: 1) the NSA is continuing its decades-long propaganda offensive by touting its technology dominance vis-a-vis Russia; 2) Kaspersky is engaging in ‘elite-targeted propaganda’ to build a climate of fear; and 3) Kaspersky is ‘astroturfing’– he’s trying to set himself up as an organic political alternative to abusive American technology companies. Those three points need a little fleshing out.

1) In Adrian Chen’s career-ending article on Perry Fellwock, he says this about the first NSA leaker’s information in Ramparts magazine:

And there, in 1972, was a rogue analyst, some kid in his 20s, describing the NSA’s business down to the colors of the badges worn at its headquarters. Winslow Peck [Perry Fellwock] claimed that the NSA had broken all of the Soviets’ codes…

Of course, ‘Snowden’s revelations’ are also a sneaky compliment to the US intelligence community’s ability to intrude on the privacy of everyone. Now Kaspersky is following suit with “the most advanced threat actor we have seen”.

What does the NSA get out of blowing its own horn? I’ll speculate that the tools we hear about through Kaspersky are tools which have already been compromised in some way, as Thomas Fox Brewster reports in Forbes. Also, GCN reports:

The Kaspersky revelations are not the first time firmware reprogramming has been mentioned in relation to the NSA. In December 2013, German magazine Der Spiegel published a lengthy investigative piece on the activities of the NSA, which had several months earlier been shown to have intercepted the mobile phone conversations of a number of state leaders, including that of German Chancellor Angela Merkel.

As a part of that investigation, the magazine detailed the contents of what it called the NSA’s Spy Catalog, a years-in-the-making collection of NSA-developed malware and surveillance hardware. That included, according to documents the magazine obtained, “spyware capable of embedding itself unnoticed into hard drives manufactured by Western Digital, Seagate and Samsung.”

During the Cold War, US strategists liked to tout their nuclear superiority as a ‘deterrent’ to the use of nuclear weapons (they say). Could the NSA be trying to demoralize their opponents (domestic and international) with claims of “omnipotence”? Or are they working with their industry partners to see which ‘suspect’ organizations are sending in orders to replace products from the following (Equation-compromised) tech companies: Seagate, Samsung, Western Digital, Toshiba, Micron?

2) Perhaps the best reason for the NSA to ‘out’ its own tech superiority is to drum up money for more research. Maybe the NSA’s ‘leak’ game with Kaspersky is about “elite targeted propaganda”, like the 1950 National Security Council Report-68 (NSC-68) which journalist Alex Doherty says was used to browbeat skeptical US elites into supporting massive Cold War military spending. Wall Street Journal writer Henry A. Crumpton got in on this act three days after Kaspersky’s “Equation” revelations by whining about how the USA is losing tech superiority to Islamic terrorists– a “weakness of our own making” because of budget deadlock!

Are Kaspersky’s ‘revelations’ about drumming up more funding for NSA spooks, which in turn drums up more demand for Kaspersky’s “leadership” and security products? I strongly suspect so.

3) Astroturfing is a political strategy whereby establishment actors try to present their interests as those of honest, grass-roots political activists. In his reply to Noah Shachtman’s 2012 Wired article, Kaspersky says the following:

And finally, the very mission of our company is to fight cyber-crime all around the world – together with our colleagues in the industry. We don’t do it just because it happens to be our business; we also do it because we believe that protecting the world from malware is critically important and will continue to allow us to live in a better, safer, more open and effective society. It’s our underlying principle by which we stand firmly and always will.

You see, Kaspersky isn’t in business for the money or power, he made himself a billionaire out of altruism!


Kaspersky ends his reply to Wired’s Noah Shachtman with this emboldened statement: “I’m just a man who’s “here to save the world”.”

In the real world Kaspersky is setting himself up to be managed opposition to NSA abuses; the NSA probably believes Kaspersky is believable in this role because he’s Russian therefore ‘not controlled by Americans’. He just wants to save the world like the Americans… Someday soon we’ll hear how Kaspersky is funding an open-source initiative that ‘wards off’ NSA intrusions.

In conclusion, Kaspersky is an American asset who’s hiding behind the heavy perfume of a Russian corporation. I’m not trying to imply that the NSA is not an abusive organization; I am saying that managed opposition figures like Kaspersky are as untrustworthy as the NSA. If the Snowden debacle has taught us anything, it’s that US citizens need to redefine how we view the world. It’s not about ‘Russia vs. America’, nor even ‘CIA vs. KGB’. It’s about plutocrats versus the groups of people they leech off of; it’s about parasites trying to remain invisible to their hosts. Anything that Kaspersky recommends to protect against NSA abuses *is not the answer*. If you want intelligent advice about internet security, I’d go to guys like Poul-Henning Kamp.


