I'm going to park a copy of this post to Ars Technica, Snowden's old favourite haunt and a place of absolutely despicable cyber anarchists as well as reasonable, moderate and intelligent cybersecurity professionals -- not to mention thin-skinned geeky moderators like all such places -- just in case:
What I'm astounded at here in this discussion is the entirely uncritical attitude toward Kaspersky Laboratory and apparent lack of knowledge about Kaspersky's past -- he was educated at a KGB cryptography school and worked for military intelligence. If this seems benign to some of you, then you don't realize it is not the equivalent of anything in the US whatsoever. Russia is a country where not one couple who some believe were "framed" went to the electric chair (they were both guilty as Soviet files later indicated) but tens of millions were executed or worked or starved to death with the predecessors of the people Kaspersky worked for presiding over it, and becoming victims themselves.
I don't need a recitation of Kaspersky's valiant achievements. His reporting of Stuxnet first lets you know he may have state capacity behind him.
Even if you want to put an entirely apolitical spin on it and say that Kaspersky was (now publicly) working since 2013 with the FSB (the KGB's successor) to do the good deed of catching cybercriminals who stole credit cards, there is just too much that is murky here to accept what you see at face value.
Why didn't Kaspersky sound the alarm about the arrest of his own "top manager" as Kommersant called him (which the PR of Kaspersky denies)? He's been tweeting tips on security and cat pictures for week while his colleague sat in Lefortovo. Why did he throw him under the bus? They have utterly disassociated themselves from this man who spoke at international conferences and was never disrespected before this; indeed, he worked for the FSB's rival at Department K of the MVD, and maybe that's the problem.
So little is known about the other two FSB men arrested along with Stoyanov, but truly, there isn't any hard evidence or even convincing link that they hacked the DNC or Arizona's election system or are the people named in the Trump dossier. All of that is pure speculation as various theories spun in the Russian media. Lawfare doesn't have any fact to make this claim, only the opinion that people arrested in such a dramatic way may be suffering payback if the Russians thought -- after reading the Trump dossier -- that they were penetrated and had to punish the leakers instantly. I was the first to explain that theory in detail last week, but never with any indication that we have any evidence of it, indeed as we have no evidence that the Trump dossier is real, only a lot of interesting stories some of which haven't checked out but "sound" plausible.
For all we know, the Trump dossier is an FSB/GRU concoction to distract people from the real files. But when so much of this story of the arrests revolves around internal business and contract turf wars in the cybersecurity business, even with the desire we all have to find the Trump connection in anything that might expose the creepy ties to Russia, you have to find facts and not link spots on the moon. Just because Lawfare and Rachel Maddow now speculate in the way people you hated speculated only a few years ago about Russia's evil doesn't mean it's true.
I also think it's inappropriate to think only of how this story may harm your own skin, or be "coming soon here" due to Trump, or some other nonsense. Perhaps you could have a little solidarity for your fellow geeks? At least one of them is a show-off hacker who wrote for the Russian Hacker magazine then went to work for the FSB. Is your friend Snowden any different?
Everything in the official and pro-government press -- not that this can be trusted at all -- gives a different version of the story that has to do with a 2011 case involving two rival ticket processing services online becoming embroiled in a story about how one of them hired hackers from the FSB to DDoS the other. Frankly, that sounds very plausible. It seems more likely that the result of the arrests and the media leaks is that now more attention is shed on that very dubious "collaboration" between Russian government intelligence and "private" firms that only roughly parallels what goes on in the US -- and the nature of the government matters.
Some Russians are tweeting that Putin will extradite these hackers to Trump and give him their heads, saying they hacked America without his knowledge. For Putin, it will be a "limited hangout" as in the Nixon era. And Trump will give up the gun runner Victor Bout, whom even Obama would not release to the Russians.
Here are links to translations and analysis of the main media stories in the Russian press:
'Hybrid Cyberwars': Are the Russian Hackers' Arrests About American or Internal Russian issues?
http://www.interpretermag.com/russia-up ... 017/#16021
Novaya Gazeta Learns of 3rd Arrest in Hackers’ Treason Case: Is FSB Agent Major Forb the Head of Shaltai-Boltai?
http://www.interpretermag.com/russia-up ... 017/#16021
Russian Hackers and FSB Agents Arrested in Moscow for 'Treason' on Suspicion of Leaking to US Intelligence
http://www.interpretermag.com/russia-up ... 017/#16007
Top Manager of Kaspersky Laboratory and FSB Officer Arrested in 'Treason Case,' Kommersant Reports
http://www.interpretermag.com/russia-up ... 017/#15997
Kaspersky Lab Denies Arrested Russian Cybersecurity Expert Was 'Top Manager'; Case Related to His Previous Work
http://www.interpretermag.com/russia-up ... 017/#15999
There was a plot floated on the Maddow show that maybe this guy was supplying info to that MI6 agent on Trump. Keep in mind today all non-elected senior officials in the State Dept were canned. There is also info that sanctions on Russia will be lifted as soon as Tillerson gets confirmed.
1) No, not all senior officials in the State Department were canned. Read Vox:
http://www.vox.com/world/2017/1/27/1440 ... signations
2) Everything we know about this story (see all my links and the links to the Russian originals and translations), which comes from the FSB telling their friends at two pro-government news outlets (meaning it may or may not be true, all or in part), speaks of a case in 2011. And *Kaspersky Lab itself* speaks in their press release of the fact that the reason the FSB arrested their colleague was related to a case that PRE-DATED his employment, which they say in their press release was in 2013. (To be sure, one paper gives another date but it could be a mistake). So you're scientists, take the only two facts that match at all in this entire blur of hypotheses and put them together: the FSB leak to Tsargrad TV saying it's the 2011 Aeroflot-related case with Vrublyovsky, and Kaspersky's press release saying it's a case that "predates his 2013 employment," i.e. therefore possibly in 2011 -- and PS not related to Trump.
All press articles, independent and state, make the point about "2011" which suggests this isn't related to Trump.
3) I found one Russian tweeting provocatively that he thought Putin would give Trump their heads and say they hacked Arizona. It strikes me that "Arizona" is the least offensive of all the Russian hacks although the only one related to actual voting booths. That's because it's caught, and hacking voting machines is hard and even when done, not massively influencing elections. Meanwhile the DNC hack and the Trump dossier, which are social hackers, are much more destructive.