Moscow, Russia-based cybersecurity firm Kaspersky Lab's ties to the FSB, Russia's primary intelligence agency, are seemingly deeper than the company previously stated, according to internal company emails obtained by Bloomberg Businessweek.
The Bloomberg Businessweek report follows the U.S. Senate's attempt to ban Kaspersky Lab software in a June draft of the fiscal year 2018 U.S. Department of Defense budget, due to concerns the company may be vulnerable to Russian government influence.
At the time, Kaspersky Lab provided The Hill with a statement first released in May, writing: "As a private company, Kaspersky Lab has no ties to any government, and the company has never helped, nor will help, any government in the world with its cyber espionage efforts."
Here are five things to know.
1. The emails, written in Russian and dated October 2009, detail an exchange between Kaspersky Lab's chairman and CEO Eugene Kaspersky and other senior staff members, according to Bloomberg Businessweek. In the emails, Mr. Kaspersky describes a software project for the FSB, noting it was "a big request." The software would protect clients like the Russian government from distributed denial-of-service attacks.
2. The software would also be able to block DDoS attacks, in part by working with internet hosting companies to locate hackers. "The project includes both technology to protect against attacks (filters) as well as interaction with the hosters ('spreading' of sacrifice) and active countermeasures (about which, we keep quiet) and so on," Mr. Kaspersky wrote in one email.
3. "Active countermeasures" typically refer to hacking a hacker by "shutting down their computers with malware or other tricks," according to Bloomberg Businessweek. However, in this case, a person familiar with the anti-DDoS system told Bloomberg Businessweek the countermeasures were more involved. The individual told Bloomberg Businessweek Kaspersky Lab sent security experts to accompany FSB agents on raids to address hackers after providing agents with real-time information on a hacker's location.
4. The goal of the project was to eventually mass-market the anti-DDoS software to businesses, Mr. Kaspersky wrote in the emails. Kaspersky Lab currently sells the system to large companies, however, the service is not available in the United States or Canada.
5. Kaspersky Lab confirmed the emails were authentic to Bloomberg Businessweek, but denied ties to the Russian government.
"When statements are taken out of context, anything can be manipulated to serve an agenda," the statement reads. "Kaspersky Lab has always acknowledged that it provides appropriate products and services to governments around the world to protect those organizations from cyberthreats, but it does not have any unethical ties or affiliations with any government, including Russia."