Stay up to date with notifications from The Independent

Notifications can be managed in browser preferences.

Sanctioned Russian IT company partners with Microsoft, IBM

Six Russian technology companies have been slapped with sanctions by the U_S_ Treasury Department for supporting Kremlin intelligence agencies for engaging in “dangerous and disruptive cyber attacks."

Via AP news wire
Thursday 15 April 2021 20:13 EDT
APTOPIX Biden
APTOPIX Biden (Copyright 2021 The Associated Press. All rights reserved)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

The Treasury Department on Thursday slapped six Russian technology companies with sanctions for supporting Kremlin intelligence agencies engaged in “dangerous and disruptive cyber attacks.”

But only one of them stands out for its international footprint and partnerships with such IT heavyweights as Microsoft and IBM

That company, Positive Technologies, claims more than 2,000 customers in 30 countries, including major European banks Societe Generale and ING, as well as Samsung, SK Telecom of South Korea and BT, the British telecommunications giant.

Its clients also include the FSB, a successor to the KGB that “cultivates and co-opts criminal hackers” who carry out ransomware and phishing attacks, the Treasury Department said. The U.S. said big conventions hosted by Positive Technologies are “used as recruiting events” by the FSB and the GRU, Russia's military intelligence agency.

GRU agents are the swashbucklers of Russian intelligence. The agency stands accused of spearheading the hack-and-leak operation that interfered in the 2016 U.S. presidential election to favor Donald Trump. Its agents also conducted the most damaging cyberattack on record, the runaway 2017 NotPetya virus that did more than $10 billion in global damage, its victims including the shipping giant Maersk and pharmaceutical company Merck

The CEO of the software industry-supported Internet Research Institute in Moscow, Karen Kazaryan, said he was not familiar with most of the Russian IT companies sanctioned on Thursday. But Positive Tech is well-known in the industry for its annual Hack Days conference, which is scheduled for May 20-21 at a Moscow hotel.

Former CIA analyst Michael van Landingham applauded the naming and sanctioning of Russian IT companies known to have aided and abetted malign government activity.

“Naming specific companies can create incentives for educated and skilled Russians who might be able to obtain jobs elsewhere where they don’t support Russian state hacking,” he said.

Positive Tech's specialty is identifying vulnerabilities in popular software such as Microsoft's Windows operating system. The world’s intelligence agencies regularly lean on companies like it not to disclose potent vulnerabilities publicly when they find them but to instead quietly share them for hacking adversaries’ networks.

The U.S. did not accuse Positive Technologies of any such behavior and the Treasury Department declined to answer questions about the company's activities beyond a press release.

Nor would a Microsoft spokesperson discuss the company's business relationship with Positive Tech. On its website, Microsoft names the company as one of among more than 80 security software providers to which it gives early access to vulnerability information so they can make sure their customers get patches quickly. IBM also lists Positive Technologies as a security partner, offering customers one of its scanning tools.

IBM didn't respond to requests for comment Thursday. Neither did other U.S. tech companies HP and VMware, which Positive Technologies lists as technology partners.

On its website, Positive Technologies lists Russia’s Defense Ministry as among its first major clients, in 2004 when it was two years old with just 11 employees. It claimed more than 800 employees in 2018.

Russia's biggest business database lists the company's CEO and founder as Yury Maximov, about whom little is known other than he graduated from Moscow State University. The company did not respond to questions sent to press contacts on its website.

Positive Tech's website boasts of a number of accomplishments, such as providing cybersecurity for the 2018 soccer World Cup hosted by Russia and publishing data that same year on 30 high-risk vulnerabilities. It said it opened its first international office in London in 2010 and its first U.S. office in 2012.

The company has sometimes used Framingham, Massachusetts, as its U.S. location in news releases, though it's not recorded in city or state records as a business by that name. An office building with an address linked to the company is a co-working space that can be rented on flexible terms for “one person or more."

Market research firm IDC listed Positive Technologies as one of the fastest-growing companies in security and vulnerability management in 2012, in part because it was so small at the time, growing nearly 82% year-over-year to $30 million in worldwide revenue. Nearly all that revenue came from assessing vulnerabilities. But by 2015, its worldwide revenues fell 37.6% to $26.5 million, according to IDC, which eventually stopped tracking the company.

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in