Slashdot Mirror
US 'Orchestrated' Russian Spies Scandal, Says Kaspersky Founder (theguardian.com)
Alex Hern, writing for The Guardian: Eugene Kaspersky, chief executive and co-founder of the embattled Russian cybersecurity firm that bears his name, believes his company is at the centre of a "designed and orchestrated attack" to destroy its reputation. Over a short period in the summer of 2017, Kaspersky Labs was the subject of multiple media reports alleging that the company had helped Russian intelligence agencies spy on the US, a number of FBI raids on staff members, and a nationwide ban on the use of its software by federal government agencies. "This media attack and government attack from the United States, it was designed and orchestrated," Mr Kaspersky said at a press conference in London. "Because at the same time, there was government, there was FBI, there was media attack. That is expensive ... I mean all kinds of resources: political influence, money, lobbyists, the media etc." When asked directly whether he had ever been asked to help Russian intelligence agencies spy on the US, Kaspersky vehemently denied any such conversations had ever happened saying: "They have never asked us to spy on people. Never." "If the Russian government comes to me and asks me to do anything wrong, I will move the business out of Russia," he added. "We never helped the espionage agencies, the Russians or any other nation."
While I'm not sure whether I'd use Kaspersky before, paranoia on the part of its founder is not assuaging my concerns over it.
He not only admitted he downloaded the files, he said he was PROUD that he had downloaded the files as they furthered the investigation into malware.
The files then somehow made their way to the KGB.
Since then he's said that there was a trojan on the PC he got the files from (but the trojan infection wasn't their fault because the PC user had turned off Kapersky for awhile which they also knew) so Russian hackers must've gotten the information that way
Now he's saying it's a giant conspiracy?
He doesn't have to actively work with the Russian government - they could easily have moles in his organization pulling the data out.
"If the Russian government comes to me and asks me to do anything wrong, I will move the business out of Russia."
Putin has invaded both Georgia & the Ukraine and executed a former ally in London with radioactive poison. Yet Kaspersky expects us to believe that he could just pick up roots and move his company out of Russia? The credibility stretching involved to be able to believe that is bigger than the sun.
Democracy is a sheep and two wolves deciding what to have for lunch. Freedom is a well armed sheep contesting the issue
Throwing rationales at the wall to see if any will stick.
When their mouths are moving!
Actually, they use ventriloquism a lot, so even that isn't a good sign.
Speaking through ventriloquist's dummies is their most common trick
'Teh media' (especially ones that operates a television channel) will jump at any chance to get a story out first. That means lots of 'developing' and 'stay tuned for details' and not any of 'fact checking' and 'research'. This does not cost any money.
Seems that everyone, be they Republican, Democrat, or Russian based anti-virus vendors forget this.
-- Still not sure if he's covering up the fact that Kapersky is working with the Russian gov. or that they're just not so good at protecting computers from malware/hacking. I'd put some money on that they were infiltrated by the FSB without their knowledge - again, not a good look for a security company.
Don't know about China, but American news are not blocked in Russia.
Edward Snowden's asylum would continue to cost Russian companies dearly.
What the US bureaucrats do not understand is that a president of Russia is not like a sultan. Russian people are hard to rule to a degree that the leadership cannot do whatever it wants. They have to listen to the public opinion.
In my opinion, it was impossible to extradite Edward Snowden. They were just unable to to it due to the public opinion. I think the US has to forget Snowden as if he did not exist. You cannot win them all.
... that America becomes the un-Russia.
It little behooves the best of us to comment on the rest of us.
You cannot win them all.
But you can stay on topic.
It little behooves the best of us to comment on the rest of us.
We need pretext to split the net, sorry.
Red scare 2.0, baby!
Can't bring about 1984 when everyone is playing vidya with the Eurasians.
Would have been nice to have seen some real evidence and not speculation when the U.S. government was ruining Kaspersky's reputation
I'd like to see proof that it couldn't have happened without his knowledge if they simply asked one of his employees instead, or that he could have even stopped it if he knew.
Willing to provide their source code for inspection. Literally the only one.
Take that for what it's worth.
What else could he say. He might end up dead from a drink at dinner.
The files then somehow made their way to the KGB.
And we know that particular rendition of those bits came from Kaspersky how?
Since then he's said that there was a trojan on the PC he got the files from (but the trojan infection wasn't their fault because the PC user had turned off Ka[s]persky for awhile which they also knew) so Russian hackers must've gotten the information that way
And he extensively documented the reasons why he believes that to be the case. On the other side as far as I can tell, we basically have "Kaspersky and the KGB both ended up with copies of files and are both in Russia... oooooo."
Ukraine was NEVER in discussion of joining the EU. Curiously enough, the maidan followed by coup in 2014 happened right after Ukraine refused to sign a free trade agreement with the EU in fear of losing its biggest market - Russia. The Crimea thing happened AFTER the coup and is a consequence, not a cause.
But clearly you won't let FACTS get in your way.
When asked directly whether he had ever been asked to help Russian intelligence agencies spy on the US, Kaspersky vehemently denied any such conversations had ever happened saying: "They have never asked us to spy on people. Never."
What he did not say, was, "All they asked us to do was to spy on computers. Computers are not people. Corporations are people, my friend".
sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
And we know that particular rendition of those bits came from Kaspersky how?
Because the files made it to Russia VIA Kaspersky - that's an undisputed fact proudly admitted by Kaspersky himself.
Our next task was to try and answer what may have happened to the data that was pulled back. Clearly an archive does not contain only those files that triggered, and more than likely contained a possible treasure trove of data pertaining to the intrusion set. It was soon discovered that the actual archive files themselves appear to have been removed from our storage of samples, while the individual files that triggered the alerts remained. Upon further inquiring about this event and missing files, it was later discovered that at the direction of the CEO, the archive file, named “[undisclosed].7z” was removed from storage.
When was it removed? They elaborate that it's [now] standard policy but it wasn't at the time. Did the CEO specifically order this file to be removed or was it a general order? Given the reading of the article it appears to be the latter.
The reason we deleted those files and will delete similar ones in the future is two-fold;
This concern was later translated into a policy for all malware analysts which are required to delete any potential classified materials that have been accidentally collected during anti-malware research or received from a third party.
In the future? later translated into a policy? When did this become policy?
BTW, this happened in 2014... What happened in 2015?
https://it.slashdot.org/story/...
Larry Walsh at Channelnomics scores the scoop in a Q&A with Kaspersky's Chris Doggett who says it's not the Russian security company's job to figure out who is responsible for a sophisticated cyber attack on its corporate network over the past few months. "We believe that to go beyond our area of expertise and speculate on the possible sources of attacks is not in the best interest of our customers," Doggett said.
"ooooooooo"
No no... must be a long term black op by the NSA...
For what it's worth: Kaspersky didn't necessarily have to do anything for the Russians to take advantage of their apparatus. The NSA in the US has tapped into many different systems and apparatuses without the system maker's cooperation. See: the TAO catalog.
Because the files made it to Russia VIA Kaspersky
It looks like you're badly conflating "Russia" and the KGB. It's hard to see how that doesn't unavoidably color the rest of your analysis.
Did the CEO specifically order this file to be removed or was it a general order? Given the reading of the article it appears to be the latter.
You didn't read the entire article. The Q&A at the bottom explicitly says it was the former: "After discovering the suspected Equation malware source code and classified documents, the analyst reported the incident to the CEO. Following a request from the CEO, the archive was deleted from all of our systems."
No no... must be a long term black op by the NSA...
If by "long term black op" you really mean "long term fuck up by an agent storing classified material on a home computer backdoored by downloading compromised keygen software," I'm right there with you. Otherwise, this appears to just be a distraction.
So tell us all, when did these secret negotiations happen? And how do you know about it but not the people of Ukraine?
Kaspersky, you are not really so important that the US government will risk a scandal by trying to besmirch your reputation.
So the KGB got information in 2014. Nearly three decades after they were dissolved.
Don't forget that he is also Hitler _and_ Stalin!
With Cisco they have the ability to intercept hardware and install bugging devices.Harder to do that with software.
I'd like to hear the owners of Google and Facebook make equally strong statements about not cooperating with "wrong" demands from the government. I'll wait.
Not Putin.
All the Russia hysteria over the last few years has been straight-up Swiftboating. Fucking with other countries and wanting to spy on every person on the planet is what the United States does on a daily basis, so naturally it accuses someone else of doing what they do. If Kaspersky is proven to bend over backwards to help the FSB the same way American companies do for the CIA/NSA/FBI, then we can have a conversation, but so far the accusations have as much evidence to back them up as the conspiracy theory that Russia 'hacked the election' last year (i.e. none, nada, zip. zilch).
Karl Rove must be collecting some sweet royalties on this tactic.
All this hoopla, - Russia this, Russia that, Russia doping, Russian hackers, Russia & US election, etc. - started after Snowden's revelations. It had not been like this before.
Some officials in the USA said that Snowden affair was the largest and the most expensive intelligence catastrophe in the US history. A lot of money was lost, many carreers were broken. Initially Russia had not been involved in this at all, and at first it could not figure out what to do with him. He had been an US government agent after all.
But later, as often happens with underdogs, Snowden became kind of popular in Russia.
My point is that the US officials are making a mistake, because they think erroneously that Russia is ruled by a totalitarian government which can do whatever it wants, including extraditing Snowden. But in fact the political system in Russia is a complicated equilibrium, the same as in many othere lands.
My feeling is that extraditing Snowden may cause an instability, or even a revolution. It will never happen. So this story should be over and done with. It is time to get serious again and stop the naïveté.
Being the timely "annexation" of Crimea when Ukraine was in discussion of joining the EU
Uff, the annexation of Crimea by Russia was made possible by many stupid decisions of the "revolutionary" parliament of Ukraine, that passed a bill to remove the Russian language (and other minority languages) from the list of the official regional languages, while there are regions of Ukraine where a large part (or even the majority) of the population identify themselves as Russian (or some other minority). That was one of the reason of the counter-revolution in Ukraine, that was then exploited by Russia.
the invasion of Georgia
Same situation. Saakashvili, then president of Georgia, tried to deflect the attention from his own failures as a politician by militarily occupying South Ossetia, which was an autonomous region of Georgia under the control of a peace keeping force monitored by the OSCE (Organization for Security and Cooperation in Europe). Again, Russia exploited the situation "helping" South Ossetia, but you can say that Saakashvili had it coming.
Then we have proof that Russia has created Facebook groups creating dueling protests to reinforce Americans divides and stresses, there is a problem with racism in the US, so they bring up fake news or exaggerated news to play on these feelings of uncomfortable and turn it to fear.
Don't be naive, not just Russia. What about Saudi Arabia? Qatar? Israel? Corporations? The American government? They are all investing in the fake news business, and they are all, singularly, investing much more than Russia. The sum of their investments dwarfs the Russian investments. If you somewhat fear Russian fake news, you should accordingly be scared to death by your establishment fake news.
Wow, I thought the whole, "Russian troll", thing was just B.S., but with that one, I'm starting to believe. "I and you" was the first giveaway, but ending with "mother Russia" is probably not the correct approach if you're pretending to be American.
All the Crimea/Ukraine/Georgia shit was Russia taking back its own shit.
It's just that the west determined Russia was the bad guy because fuck Russia.
Yet with Spain, the west is all for it?
You seem Russian as those are Russian type explanations. First of all, the Russian language has been de-emphasized ever since Ukraine gained independence. While there was some stupid law like you mention, the reality is that Ukrainian education has been in Ukrainian, not Russian, for a very long time now. I remember over a decade ago meeting a lady who taught in what the US would call elementary school and she was an ethnic Russian, but she told me that she was required by law to teach in Ukrainian. Please note that she lived in a town currently under rebel control in East Ukraine where most people speak Russian by choice. Crimea has always had a chip on its shoulder about being given by Krushchev to Ukraine and Russia exploited this. The law change is just an excuse. They've been looking for a reason to go back to Russia for a very long time and the instability in the national government provided the pretext Putin needed to "liberate" them. And that liberation was really mostly to get control of the naval bases there. I have known for a very long time that Ukraine allowing Russians to keep ships there was a really bad idea, but government after government foolishly believed that they could pacify Mother Russia by doing so and she wouldn't attack them.
Do note that this so-called "peace keeping force monitored by the OSCE" is only Russian and other nations are not allowed to participate. The OCSE monitoring is theoretical at best. Your reason stated for Saakhasvili's invasion is correct, but note that you are forgetting to mention that Russian troops went there to "help" (wink wink) during a previous ethnic clash over a decade earlier and never left.
Then we have the usual "Don't single out Russia. Everybody else is doing it and doing it more!" argument. You lose on that one.
Interestingly worded statement, there.
I'm a good cook. I'm a fantastic eater. - Steven Brust
So the solution clearly is, run two honeypots, one with Kaspersky, and another with Cisco.
The burden of proof lies on the accuser.
Crimea is where the Russian Black Sea fleet is based.
Ok, stop giving money and fuck off. Deal?
Coincidentally, Saakashvili is now the Governor of Odessa, Ukraine. Quite clear who's pulling his strings at this point.
Ukraine has been an country independent of Russia for around a hundred years now (even when part of the Eastern Block it still had its own government and national identity. The Soviets certainly acknowledged Ukraine as a seperate nation when they gave them Crimea in 1954). Catalonia, on the other hand, has been part of Spain for over half a millennium.
Also, Russia's invasion of Ukraine was illegal under international law. On the other hand, Catalonia's bid for independence was illegal as the Spanish constitution (much like the US') does not allow for such a thing.
Sure, you can draw some superficial parallels between the two but the second you start to really look at the circumstances of both situations Russia looks like far more of a bad guy than Spain. Just look at the death counts even. While the violence in what was happening in Spain for a bit was certainly disturbing, the death count in Ukraine is in the tens of thousands and continues to mount.
I ignore Anonymous Coward posts. If you want to discuss something, that's awesome. Log in.
You have got to provide citations proving that you know bullshit from wild honey.
It little behooves the best of us to comment on the rest of us.
Here is the citation: http://5newsonline.com/2013/08... “Russia has stabbed us in the back, and each day that Mr. Snowden is allowed to roam free is another twist of the knife,” said New York Sen. Charles E. Schumer in a statement.
What I am trying to say is that it is all a big misunderstanding. Mr. Snowden is sort of too big, they cannot touch him, cannot extradite him due to the internal public opinion. And the senator erroneously thinks that it is done just for spite. Probably because he does not speak the language, is not aware the situation.
And this tit for tat, as it seems to them, will continue perhaps still for decades.
You are excused for not knowing this, but I'm a student of Manning, Snowden, and Winner and have been covering those stories (and other less high-profile) since they surfaced.
There are a lot of other /. ers who have been doing the same.
Your post clearly demonstrates that you are late to the party; have invested NO time investigating, and have an agenda.
I'm not going to educate you because you could have done that for yourself.
You know ... like we did.
It little behooves the best of us to comment on the rest of us.
You seem Russian as those are Russian type explanations.
Ad hominem argument since the first line? Ok...
I have known for a very long time that Ukraine allowing Russians to keep ships there was a really bad idea, but government after government foolishly believed that they could pacify Mother Russia by doing so and she wouldn't attack them.
The "bad idea" is the fact that Ukraine's governments were/are among the worst, most corrupted governments in the former Soviet Republics and they got worse at managing their dilapidated economy "revolution" after "revolution" (that is coups by some lobby of oligarchs). Russia kept their economy on life support in exchange of blind allegiance. They switched allegiance and so Russia pulled the plug on the life support, while nor the EU, nor the USA are fool enough to dump money in the Ukrainian economy. That's your "bad idea".
Your reason stated for Saakhasvili's invasion is correct, but note that you are forgetting to mention that Russian troops went there to "help" (wink wink) during a previous ethnic clash over a decade earlier and never left.
They never left because they had an international mandate to stay there. Georgians were not happy with that mandate, but neither were South Ossetians, who claimed it was too pro-Georgia.
Then we have the usual "Don't single out Russia. Everybody else is doing it and doing it more!" argument. You lose on that one.
What does that even mean? What's your point, perhaps: love me, I'm a liberal? I never absolved Russia of lying: I am just saying that someone else is both a liar and a hypocrite. Counter that if you can articulate something more than "you lose, I win because Russia".
The burden of proof lies on the accuser.
I'm not sure what you mean here. Do you mean that the burden of proof is on Kaspersky, to prove his accusation that it was a "designed and orchestrated attack"? Or the burden of proof is on the media, in that "multiple media reports alleging that the company had helped Russian intelligence agencies spy on the US"?
and, more to the point, if the net result of the "burden of proof" is "the accusation remains unproven," meaning neither proven nor disproven... what action should you take? You personally are not a criminal court.