What Wired Is Not Telling You – a Response to Noah Shachtman’s Article in Wired Magazine

Eugene Kaspresky is not KGB but Indiana Jones of the Industry

This is a very unusual post. It’s not about cyber-crime, malware, our latest business achievements or my latest long journey around the globe. It’s about truth and facts, and the importance of not hiding certain facts while revealing others.

For sure I was surprised to read such an article from a journalist who, up until Monday, always seemed to maintain the highest of professional and ethical standards. And it goes without saying that, on behalf of my company and our 2400+ employees around the world, I have to object to Mr. Shachtman’s litany of inferences, opinions, omissions and errors.

We first got to know Mr. Shachtman early last fall, and then invited him to our headquarters in Moscow. After several meetings with me and our team members, during which we discussed many different current issues related to the security field, it appears Noah Shachtman thought that he was ready to tell the world the “truth” about Kaspersky Lab and me personally, and decided to produce an article for Wired Magazine. And he got off to a great start (the way he described me after practically 72 hours on planes (Cancun-Munich-Cancun) just to be there for the opening of the event was all very true – and to me very amusing). But unfortunately Mr. Shachtman forgot to include essential components such as key facts, independent international experts’ opinions, and independent marketing research agencies’ data. Not only did he forget to check his facts, in some cases he wrote almost the opposite of what I actually said in my numerous interviews with him over the past seven months.

I hope Noah tried to do his best and had no hidden agenda. But he unfortunately failed to present to you the whole truth. So I’ve decided to help him out.

Thus, let me give you the information that Noah decided to hide from you:

Kaspersky Lab is a private international company that registered its holding in Great Britain in 2006. This means that our financial reporting is transparent and freely available to anyone. I think we can all agree that Her Majesty’s laws are strong and respected worldwide. Our affairs there have nothing to do with the Kremlin. This is the first time I’ve seen this major stretch to try and link our business with the Russian government.

All three of the world’s leading security companies – Symantec, McAfee/Intel, and Kaspersky Lab – work with law enforcement bodies worldwide to help fight cyber-crime. The ITU, CET, FBI, FSB, U.S. Secret Service… we all have a duty to help them solve criminal cases. Remember “Raiders of the Lost Ark” with Indiana Jones? He was a archeologist – the best on the planet. And that’s why the U.S. military came to him for help; they knew nothing about history or mythology. Well it’s the same for what we do for governments worldwide today – we provide EXPERTISE. Nothing more.

Without the expertise of security professionals, successful law enforcement operations would be an unattainable dream. When cyber-crime cases are domestic, IT Security companies work with their law enforcement agencies to assist in investigations. When they’re international, they work with appropriate law enforcement authorities of the affected countries to abide by legal policies and federal jurisdictions. This cooperation is crucial in helping stop cyber-crime around the world, and we are proud to be a part of this process.

We were the first to reveal Flame – and we are very proud of the fact. No IT Security company would remain silent on the discovery of a cyber-weapon, no matter who the author might be. Among the most well-known large computer security companies, two are U.S.-based – Symantec and McAfee. Symantec wrote one of the most comprehensive papers on Stuxnet – “the US-Israeli worm that wrecked nearly a thousand Iranian centrifuges and became the world’s first openly acknowledged cyberweapon,” as Noah described it in his article. In addition, Symantec was the first to write about Duqu, which has been widely referred to as Stuxnet’s cousin. Along with Symantec, McAfee published several research posts about both Stuxnet and Duqu, reporting on the incident and noting, in the case of Duqu, that its research team, in addition to many other vendors, were alerted to the unknown malware and began actively monitoring and responding to the threat. Following Noah’s logic, both U.S. companies may be considered to have been foiling US spies as well. However, the logic of the IT Security industry is to focus on keeping customers safe – regardless of their origin, or the origin of the malware.

As you all know, I’m an active blogger and engage in plenty of social media. I have an active presence on Facebook, Twitter, Flickr, Google+, YouTube, LinkedIn and LiveJournal. I’m an active supporter of the possibilities social networking brings to open communication and dialogue. I constantly stress that social networks can be used for positive things, and would never wish this medium to be shut down or censored. Besides, I personally am open to all kinds of questions and dialogue. As is Kaspersky Lab as a whole. If you want to know something – anything, just ask: we’ve nothing to hide.

As to Russian elections and DDoS attacks on certain (mostly opposition) websites, Noah regrettably gave a totally false account of the situation. I explained what was really happening at that time to the Russian audience of the Ekho Moskvy radio station, in addition to posting the same explanation on my blog. Early on, we didn’t see any DDoS attacks occurring, but we asked any possible victims of attacks to contact us so we could assist in investigations. After my blogpost some possible victims did contact us, and after analyzing all the data we discovered that some were indeed attacked. However, we found that not all of the attacks were DDoS-based. As an example, Kommersant.ru’s IT director, German Mitrofanov, told Gazeta.ru that they experienced a technical problem instead of a DDoS. In addition, our team of experts continued to monitor the DDoS and technical attacks around election time, and posted its findings in March 2012.

And finally, the very mission of our company is to fight cyber-crime all around the world – together with our colleagues in the industry. We don’t do it just because it happens to be our business; we also do it because we believe that protecting the world from malware is critically important and will continue to allow us to live in a better, safer, more open and effective society. It’s our underlying principle by which we stand firmly and always will.

In all, there are dozens of misquotes, unsourced comments, personal judgments based on mere opinion – or prejudice – and factual mistakes in the article. Not to mention an overall negative undertone that permeates the whole article.

Finally, on a very personal note. With regard to when my son was kidnapped… Every parent would understand my feelings and intent when I’d say to Noah Shachtman that only tabloids dare speculate on serious family misfortunes. Doing so would be punching below the belt even for a most scandalously unethical rag of a publication. But for Wired to sink so low – that’s a clear downgrade of the publication’s stature.

Noah Shachtman wants to believe that I’m a spy and Kremlin team member, and that I use my son as bait… I guess this could only be due to cold-war paranoia. I honestly can’t think what else it could be. The reality however is much more mundane – I’m just a man who’s “here to save the world”.

And this is what Noah Shachtman failed to tell you.

READ COMMENTS 57
Comments 40 Leave a note

    Andrew Barratt

    Great response.

    Chris Wilson

    The Wired article felt from the outset that it was a journalist trying to make a name for himself through sensationalism. It’s a real shame, as having been in the industry for 20 years, I really felt that this ‘gutter journalism’ was a thing of the past and that we’d all moved on. And until now I really respected Wired.

    Your last point is for me the ‘proof’ that Mr Shachtman can’t really be believed or trusted. I too am a father and I felt physically sick that your own family circumstances (which must of course been harrowing at the time) were both misrepresented and even used for sensationalist purposes. That shows a twisted desperation for fame on his part.

    What a shame for Wired.

    Andy H.

    Minor point. Indian and Jones was an Archeologist, not a paleontologist.

    Shaman007

    Can you please provide the URL of the Hoah’s original article? Seems like he wrote lot’s of so-called “facts” about KL, I am collection’ them for more than a decade.

    CJ

    Great clarifications. A quick look at Noah’s bio (on his website) helps explain his paranoia, too; lots and lots of interaction with US Defense, Army Command, etc. – probably not the best person to write a fair or balanced interview :-)

    RH

    Agreed. It came across as a very sloppily written article that failed to match the (publicly) available facts. Once I took a closer look at Noah’s own public history, it quickly became apparent that he simply suffered confirmational bias, allowing his “reporting” to match his preconceived “facts.” I can’t wait to see if Wired has the cojones to respond in a transparent manner—it is readily apparent their ombudsman didn’t check this article close enough.

    M.P.

    Ive previously trusted Kaspersky for years even convincing friends and colleagues to convert also. I guess its a question of being tarnished with the same brush. Its no joke that a overwhelming amount of Virus, Trojan and annoying spam continually bombard the planet from Russia at a disproportionate rate. Its a shame really as many exports from this side of the world may evoke paranoia.

    Good luck Kaspersky :)

    Daniel

    Nice rebuttal. As with all “news organizations” it’s important to check their work.

    Aryeh Goretsky

    Any time you deal with the media, you risk the chance of being misquoted, taken out of context or otherwise having your words used in a way that does not convey what you intended them to mean.

    I think it is safe to say that most anti-malware companies are going to have some sort of relationship with law enforcement, whether it be at a local, regional, national or even at an international level, simply because they are both seeing different parts of the criminal ecosystem. When the tools used by those criminals are retargeted for political or military gain, it makes sense that you are going to be dealing with intelligence agencies, the military or whomever else is either a victim or trying to help one. Frankly, not doing so would be irresponsible.

    Frank Gerlach

    Hi Eugene,
    whenever somebody crosses the interests of Israel and the Anglosaxons you can bet he is going to be smeared, even if his or her actions are 100% ethical.
    So I suggest you just ignore this kind of crap in the future. Wired.com is intimately involved with the American Arms Industry as we can all see when they “review” the latest F35 simulator and the like.
    People like David Packard and Bill Hewlett, who are considered American Icons have the blood of the Vietnam war on their legacies, as HP products were indispensable for waging war.
    Texas Instruments designed and built HARM Missiles used in the illegal war against Iraq.
    IBM’s Federal Systems Division sold all sorts of electronic equipment to the US government while they waged wars based on pretext.
    That list could be extended to almost infinity, as the war industry is of enormous size in America.
    Then, the Israelis cooperated with the South African Apartheid regime and they still treat the Arabs in the occupied lands like the the White South Africans treated the black people then.
    Now, what is Eugene’s worst sin ? Maybe being part of Russian Army Intelligence during the final stage of the Afghan war ?
    That is hardly being as deep in the blood as David Packard was as a deputy secretary of defense and as a war profiteer, selling advanced electronics to the Arms Industry and the government.
    So, just ignore them and focus on business. This is a world ruled by liars and their stooges. Take a dim view on what they and their media says.

    Frank Gerlach

    Jane Ginn

    Good response. Where do you really stand on the upcoming ITU vote on Internet Governance? I ask because the arguments made in Milton Mueller’s book “Networks and States: The Global Politics of Internet Governance” (MIT, 2010) are quite legitimate. The multi-stakeholder governance structure of ICANN, IETF, W3C and others has helped.

    anti spyware

    Thanks for all of the excellent information on your blog post

    HackAfrica

    Reblogged this on hackafrica and commented:
    Please I found this very interesting story as a continuation from that I read from wired.com about Eugene Kaspersky.

    Five Star Reading ;)

    Agent K

    It is very hard to protect the world. Knowing that no one would ever appreciate it.
    You’re doing your job. And you’re doing it good. So does wired. This time 1:0. Kaspersky winds. But this is not the last battle.

    edgibson0105

    Eugene – as one who was been misquoted while the Chief cyber Security Advisor for Microsoft (Ltd) in the UK, and finding amusement in reading newspaper accounts about investigations I was involved in when assigned by the FBI to US Embassy London that had little relationship to what was real, I have considerable empathy for your situation. Those of us who know you would not have given much credence to the article in any respect. Keep up the great work!!

    Eugen Octavian

    What a beautiful world will be if each one of us will understand and do something in the transition toward this new dimension of our reality; cyberspace” The reality however is much more mundane – I’m just a man who’s “here to save the world”.”

    Thank you Eugen for sharing with the world all this info!

    Dave

    I’m not seeing the part of the story where you are accused of using your son as bait for anything.

    nightwishpt

    I don’t know about the truth, but…
    “But for Wired to sink so low – that’s a clear downgrade of the publication’s stature.”
    Doesn’t really mean much for anyone who has ever read Wired.

    zurlocker

    Even if the article is incorrect in many areas, it’s still good publicity for Kaspersky. You guys should be proud of having such a prominent story. Most people who read it will walk away knowing that things are overstated in the article, that the CEO is passionate, and the technology is obviously excellent.

    Leona Kerry

    Would you be kind to address the points mentioned in Wired’s response?
    http://www.wired.com/dangerroom/2012/07/kaspersky-indy/

    Leona

    Terry A. Davis

    God is just.

    Nano di Lecco

    Yeah save the world…

    Ritter G

    Well done: proper answer made with all art of war style.
    Original post has been inspired by anger of Flame’s active research.
    Reply post is about peaceful intentions for whole world.
    Sounds weird for both sides, right?

    Leke (@horsebones)

    Perhaps the hidden agenda here was to discredit a non US antivirus company so as to promote the business of the other two US antivirus companies.

    Mkalaas

    That was a very selfish post.

    Carlos Silva (@dicarsio)

    It’s a shame Wired’s author got so low. An extremely sensationalistic (and possibly biased) article, writing about very personal, unfortunate subjects in order to entertain its audience. The lack of factual, fundamented information is the finishing touch of a bad, defamatory piece.

    Hope you keep fighting the good causes, Mr. kaspersky.

    Anon

    I’m loving this response and support Mr Kaspersky all the way here. Also shocked at wired, but also not that much in fairness. There is clearing the US cyber view and lets not forget that they are waiting, almost patiently, for cyber pearl harbour.

    That being said, if you ever have to use to phrase “Remember “Raiders of the Lost Ark” with Indiana Jones?” when making a point then its fair to say that you have either lost the game or are up to no good.

    Dillon Beresford

    Stay strong, Eugene! We are all supportive. Kaspersky has an excellent track record and a good code of ethics.

    anonymous

    I love how you bastards only post favorable comments. So much for free expression.

    Vova

    I bet most of Russia’s elite is more or less connected to Kremlin. Otherwise they’d be screwed :)

    bobspez

    All of the things Noah said about Kapersky and the Kremlin could equally be said about any company in the US that has a government contract. ANd every biig company does have gevernment contracts because they have the products the government wants. Noah’s article should be featured in college journalism courses as a perfect example of slanted writing.

    Michele

    Wired guys were just looking for some audience. They will come to you apologizing and then probably they will again drop tons of shit against you again. Just fuck them and give us the fact as you always did man, and keep it up

    Victor K.

    Each year Kaspersky Company publishes reports regarding activity of hackers for China, US, Nigeria and so on.
    Except of hackers from… Russia.
    Same hackers like punished by the US corts etc. etc.
    Would somebody say me that they have no hackers there?

    Eugene Kaspersky

    Perhaps you need to read this post that will clarify your concern: https://eugene.kaspersky.com/2015/03/20/a-practical-guide-to-making-up-a-sensation/

    Victor K.

    Ok, as a transparent company, may you provide some links to your annual reports describing hacking activity from Russia borders?

    Victor K.

    These reports consist of all details – except investigation results of hackers tracking.
    Such companies like Symantec proceed with active tracking analysis and regularly report about geographic and national relation of different hacking groups.
    But we don’t see it in the reports you cite here-above.

    Victor K.

    Thank you for attractive reading.
    But the phrases like “Russian-speaking attackers” or “Chinese-speaking attackers” still not disclose your ability to track their concurrent (live) location, which may be associated to responsibility of appropriate national authorities.
    Such a loud court processes like of hacker Vladimir Drinkman and many others would be happened in Russia, and not in the US, as a normal.
    But we still don’t hear any similar “boom” in Russian courts – despite the investigation efforts you demostrate…

    Eugene Kaspersky

    Sorry, I didn’t get your question

Trackbacks 17

Kaspersky Denies Kremlin Ties, Compares Himself to Indiana Jones | Network Security Software

Kaspersky Denies Kremlin Ties, Compares Himself to Indiana Jones | File Managers Blog

Today's Scuttlebot: Paying for Twitter and Khan Hype – NYTimes.com

» * Cała prawda o Kaspersky — Niebezpiecznik.pl —

Profile on Eugene Kaspersky | Varanoid.comVaranoid.com

Profile on Eugene Kaspersky

Wired :: Russia’s Top Cyber Sleuth Foils US Spies, Helps Kremlin Pals – Security through Obscurity

SCHAUBA SEC » The Week That Was – 8/6/2012

Kaspersky developing new secure SCADA operating system | SICK Sensor Vietnam – SICK Vietnam – SICK Việt Nam – SICK Sensor Việt Nam-AUMI-Đại diện SICK Sensor Việt Nam

Касперский | New World Order

» Mis favoritos de ayer Guru Meditation

Chi è Eugene Kaspersky?Storie di virus, Internet e spie di Putin | Nextrem

Kaspersky developing OS for secure SCADA systems | SICK Sensor Vietnam – SICK Vietnam – SICK Việt Nam – SICK Sensor Việt Nam-AUMI-Đại diện SICK Sensor Việt Nam

III Seminário Defesa | Apura

How a digital Cold War with Russia could threaten the IT industry | Matias Vangsnes

Последствия новой «холодной войны» в сфере IT | Цукерберг Позвонит! – интернет-бизнес, стартапы и маркетинг

How a digital Cold War with Russia could threaten the IT industry | VBSCS

Leave a note