Can the Russian computer security giant, Kaspersky, producer of the world’s best-known and most widespread anti-virus software, become a political tool for Vladimir Putin? Two weeks after Russia’s military invasion of Ukraine, the question has returned to public debate.
The flight of Western companies from Moscow and the pressure of international sanctions have not relented. People are taking action by loosening or cutting ties with major Russian companies, from sports partnerships to industrial twinning throughout Europe, including Italy. But, as the Kaspersky case shows, decoupling is not always a walk in the park.
Kaspersky boasts a longstanding presence in Italy, both in the public and private sectors, with a turnover of €704 million in 2020 and 3,619 employees. Thanks to the famous antivirus and a capable research team, enclosed in its Global Research&Analysis Team (GReAT), the Russian giant has signed rich contracts in Italy over the years.
From contracts with the Italian public administration to partnerships with private companies, the Russian-made software is everywhere. One of its most iconic clients is the fable automaker Ferrari, which renewed its contract last December in a multi-year deal that includes sponsorship of cars and uniforms and the use of Kaspersky software.
In the midst of war with Ukraine, the mosaic of commercial agreements with the Moscow giant is now back in the spotlight. Suspicions over the Kremlin’s control of the company, and potentially its services and access to foreign devices, has surrounded the company for years, both in Italy and elsewhere, although solid evidence is scarce.
Still, in a hybrid war scenario where Europe and Italy are exposed to the cyber offensives of Kremlin-sponsored Russian hackers – as repeatedly suggested by the National Cybersecurity Agency (NCA) –, one must ask: is entrusting the security half of the servers of half of the Italian public administration and dozens of national companies to Kaspersky a good idea?
The company denies any subordinate relationship with the Russian government and states that it does not have to answer to SORM (Russia’s System of Operational Investigative Measures), the legal interception system of Russian intelligence telecommunications and telephone networks. In 2018, the company also set up a “Transparency Centre” in Zurich, saying it is prepared to show its source code to government authorities who request it.
The company has not commented on the conflict, saying that “geopolitical”” upheavals are “beyond” its purview. A series of tweets by the founder, who called for a “compromise” between Kyiv and Moscow, sounded like an awkward distancing from the war in Eastern Europe.
Despite this, the company is no stranger to political turmoil. Its founder studied at a university sponsored by the KGB, amongst others. To date, Kaspersky has collaborated with Russian government authorities.
According to the Ripe (Réseaux IP Européens) database, and as noted by expert Stefano Quintarelli, Sergei Shoigu – the minister in charge of the invasion of Ukraine and leader of the Russian Ministry of Defence – has worked with Kaspersky Lab.
Some, including former US President Donald Trump, have decided to stop the company in recent years by calling security issues into question. In December 2017, Mr Trump signed a decree to exclude Kaspersky’s software from all civilian and military government networks, a blow similar to the one dealt to the Chinese company Huawei.
The same month, the UK government’s main cybersecurity agency issued a warning not to use the Russian software for systems “related to national security”. In June 2018, the European Parliament passed a resolution calling for a ban on Kaspersky Lab’s software, describing it as “malicious”.
The Russian company’s capillary presence in the public sector makes the Italian case unique. Controversy has returned to the Italian political arena with a parliamentary question signed by MP Paolo Nicolò Romano, which Kaspersky called a set of “speculations”.
There are no additional political initiatives to clarify relations between the Russian giant and the government in Moscow. Kaspersky continues to take root in the Italian market with the approval of the government.
On January 26, the Ministry of Economic Development, through the General Directorate for Communications Technology and Information Security and, in particular, the “Higher Institute of Communications and Information Technology”, awarded Kaspersky Endpoint Security for Windows the Information Security Certification Body certification.