Around the same time Russian forces launched a massive rocket into a square in Kharkiv, Ukraine’s second-largest city, killing and wounding an as of yet unknown number of people, Eugene Kaspersky, head of his namesake Russian cybersecurity firm, tweeted that he hoped negotiations between Ukraine and Russia would lead to “a compromise.”
The statement encapsulates the company’s position since Russia invaded Ukraine six days ago—that of attempted neutrality in a war where silence or fence sitting is implicitly siding with the Russian forces. In another statement to Motherboard sent on Monday, the company said “As a technology and cybersecurity service provider the company is not in a position to comment or speculate on geopolitical developments outside of its area of expertise.”
Kaspersky is one of the best-known Russian companies, and for years its antivirus product has been among the most used in the world. The antivirus software also harvests telemetry data for Kaspersky’s researchers who can then use that to identify and counter new threats. Its researchers are some of the best in the world, with its Global Research & Analysis Team (GReAT) regularly publishing leading research on various government malware operations. Famously the company first revealed details of a U.S. government hacking group that it dubbed Equation Group. Kaspersky has also researched suspected Russian government linked hackers.
Eugene’s tweet also brings something else to the surface again: how much is Kaspersky, the company, influenced by the Russian government, even if indirectly? As a Russian firm operating in Moscow under Russian laws, it may feel the need to toe the line on Russian issues.
“We welcome the start of negotiations to resolve the current situation in Ukraine and hope that they will lead to a cessation of hostilities and a compromise. We believe that peaceful dialogue is the only possible instrument for resolving conflicts. War isn’t good for anyone,” Eugene’s tweet read. “Like the rest of the world, we are in shock regarding the recent events. The main thing we can do in this situation is provide uninterrupted functioning of our products and services globally,” another added.
Kaspersky’s company statement on Monday added that “Kaspersky is focused on its mission to build a safer world. For 25 years, the company delivers deep threat intelligence and security expertise that is constantly transforming into innovative security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. Kaspersky’s business operations remain stable. The company guarantees the fulfillment of its obligations to partners and customers—including product delivery and support and financial transaction continuity. The global management team is monitoring the situation carefully and is ready to act very quickly if needed.”
Do you work at Kaspersky? We'd love to hear from you. Using a non-work phone or computer, you can contact Joseph Cox securely on Signal on +44 20 8133 5190, Wickr on josephcox, or email email@example.com.
For years the company has faced criticisms and scrutiny, some unfounded, for its perceived or suspected alignment with the Russian state.
In one case with a home computer owned by NSA worker Nghia Hoang Pho, Kaspersky’s anti-virus software in the course of normal operation uploaded a collection of classified documents and code that were stored on Pho’s machine to Kaspersky’s servers for analysis. Eugene later said that when he found the uploaded material data classified material, he ordered for it to be deleted.
In 2017 the Trump administration banned the use of Kaspersky products on government machines.
Kaspersky may not currently feel it is in a position to speculate or take a position on the invasion of Ukraine. But with a 40 mile long Russian military convoy making its way to Kyiv, and with the prospect of more cyber attacks playing a role in the invasion, Kaspersky may need to take a side.