In December of 2016, local publication Kommersant revealed that leading cybersecurity firm Kaspersky Lab’s Head of the Computer Incidents Investigation Team Ruslan Stoyanov was arrested alongside Sergei Mikhailov, senior intelligence officer of Russia’s national security service (FSB).
Upon the release of the report of Kommersant, Kaspersky Lab confirmed with the Associated Press in regards to the incident and published an official statement on the matter. Kaspersky Lab emphasized that the company is not responsible for the arrest of Stoyanov and the division he was in charge of will carry on with its operations.
“The employee, who is Head of the Computer Incidents Investigation Team, is under investigation for a period predating his employment at Kaspersky Lab. We do not possess details of the investigation. The work of Kaspersky Lab’s Computer Incidents Investigation Team is unaffected by these developments,” read the statement of Kaspersky.
The statement of Kaspersky referenced Stoyanov’s previous contributions to the Moscow Cyber Crime Unit at the Russian Interior Ministry, where he worked for six years, from 2000 to 2006 prior to joining the private sector.
Currently, Stoyanov is charged for treason and his involvement with overseas firms over the past decade. Local investigators and law enforcement agents are actively looking into the accounts and financial ties of Stoyanov to solidify a connection between Stoyanov and a foreign company. If investigators discover a payment received by Stoyanov from a foreign company in compensation to his efforts of leaking confidential government information, he will be proven guilty of treason.
While the sentence or penalty for treason aren’t specified, Article 275 of the Criminal Code of Russia, which Kommersant stated the case was filed under, clearly reaffirms that if an individual denies or fails to prevent further damage to the interests of the Russian Federation, in other words doesn’t inform the government on the passing of confidential information, then the individual can’t be relieved from criminal responsibility.
Investigators are more actively examining the case of Stoyanov because of his previous involvement with the Russian government in the crackdown of cyber criminals. A source of Forbes claimed that Stoyanov was involved in major cybercrime investigations led by the Russian law enforcement over the past decade, including the famous case of the Lurk gang, a criminal group of 50 members which stole nearly US$45 million from Russian banks and financial institutions.
“Stoyanov was involved in every big arrest of cybercriminals in Russia in past years,” the source told Forbes.
Local law enforcement agencies and investigators are prioritizing the case of Stoyanov considering the depth of knowledge and information he holds on the cases he was involved with in the past.
Some experts and analysts such as Andrei Soldatov, a veteran Russian security services researcher, described the case and the arrest of Stoyanov as “unprecedented,” and criticized the government of Russia for sabotaging its relationships with intelligence and cybersecurity agencies it worked hard to maintain.
“It destroys a system that has been 20 years in the making, the system of relations between intelligence agencies and companies like Kaspersky. Intelligence agencies used to ask for Kaspersky’s advice, and this is how informal ties were built. This romance is clearly over,” said Soldatov.