23/02/2015 Cyber­security: The Kaspersky equation | The Economist

Cyber­security
The Kaspersky equation
A Russian antivirus firm impresses the sceptics, again
Feb 21st 2015 | From the print edition

THERE is more than one

reason to harbour doubts
about Eugene Kaspersky
and the computer­
security company that
bears his name. He
graduated from an
institute close to the KGB
and later worked for the
Red Army. He has called
Edward Snowden, the
whistle­blower, a “traitor”
for having broken his
contract with his former
employer, America’s
National Security Agency
(NSA). And, like many an
executive in his industry, Casting Kaspersions
his regular warnings
about big, emerging cyber­threats just happen to be good for drumming up business.

However, Kaspersky Lab has repeatedly impressed sceptics by exposing genuine and serious
cyber­security problems. In 2010, for instance, it helped uncover Stuxnet, a computer worm
designed to sabotage the Iranian nuclear programme.

On February 16th Kaspersky appeared to repeat this feat, not once, but twice. First it released
a report detailing how a gang it calls Carbanak had hacked the computer systems of banks
around the world. It said the gang had stolen several hundred million dollars by moving
money to fake accounts and making cash machines dispense their contents. The same day
the firm said it had discovered the “Equation Group”, apparently part of the NSA, which it
said was able to embed spyware in computers that gives it total control over them, even after
http://www.economist.com/node/21644154/print 1/2
23/02/2015 Cyber­security: The Kaspersky equation | The Economist

the hard disk has been erased and the operating system reinstalled.

Such revelations, as well as Mr Kaspersky’s relentless salesmanship and his company’s

popular antivirus software, have turned it into one of the rare Russian firms that is successful
abroad—and perhaps the country’s best­known brand after vodka and AK­47s. Founded in
1997 in Moscow, the company now has offices in 30 countries, 3,000 employees and 400m
users, and had $667m in sales in 2013. Consumers generate about 60% of revenues, the rest
comes from corporate customers. Kaspersky Lab says it stumbled across the Carbanak gang
when it was asked by a bank to investigate why its cash machines had taken on a life of their
own.

For all the firm’s expertise and commercial success, questions linger over whether the
Kremlin would be able to resist exerting some control over a Russian firm in such a sensitive
line of business. The company insists its home government is just another customer and that
it co­operates with it no differently from the way it does with other governments. The
financial information it releases is limited. It had plans to go public shortly before the global
financial crisis, but now it intends to stay private (Mr Kaspersky is majority shareholder).
Being private allows it to be more flexible and pursue “visionary projects”, he says.

Some computer­security firms cry wolf to attract attention; Kaspersky’s wolves have often
proved to be real. Indeed, there is a thread between its two latest revelations, says Bruce
Schneier, a cyber­security analyst. “Today’s top­secret programmes,” he writes, “become
tomorrow’s PhD theses and next day’s hacker tools.” In other words, what the NSA does now,
criminals will eventually copy.

From the print edition: Business

http://www.economist.com/node/21644154/print 2/2