Russian cybersecurity expert charged with treason over US data-sharing claims

Charges brought against a Kaspersky expert and state security offers stem from allegations of state secret leaks.
Written by Charlie Osborne, Contributing Writer

State officers and a Kaspersky cybersecurity specialist arrested by Russian authorities for treason allegedly passed state secrets to US companies, it has emerged.

In December last year, Ruslan Stoyanov, chief of the Kaspersky computer incidents investigation team, alongside Sergei Mikhailov and Dmitry Dokuchayev, members of the Russian Federal Security Service (FSB), were arrested and charged with treason by Russian authorities.

As reported by Reuters, the case relates to claims made by a Russian businessman seven years ago that the suspects allegedly passed state secrets to Verisign and other US companies, which were then shared with the country's government agencies.

The claims were made in 2010 by Russian businessman Pavel Vrublevsky, the founder of online payments firm ChronoPay. According to the businessman and unnamed sources speaking to the publication, the arrests were made in response to the information-sharing accusations -- despite the amount of time it has taken.

However, considering the US and Russia's recent fight over hacking claims, the timeframe chosen to resurrect these accusations is interesting. The trio was arrested in December, just after the US accused the country of using digital weapons to manipulate the presidential election to turn the tide of voters away from Hilary Clinton and towards Donald Trump.

Russia denied the claims, but this did not stop former President Barack Obama from booting 35 Russian diplomats out of the US in retaliation.

"I can confirm we (Chronopay) expect to be part of this case," Vrublevsky said. "In 2010 we provided the FSB and other important Russian agencies with evidence that at least one FSB employee, as well as several other people, were involved in treason."

When the businessman first accused Stoyanov and Mikhailov of sharing confidential information, Vrublevsky was instead arrested and charged as the mastermind of cyberattacks on rival payments firms. Now on parole and having always denied any wrongdoing, Vrublevsky says the charges brought against him were made as information on his business practices were leaked by Mikhailov to Stoyanov in 2010.

At the time, FSB officer Mikhailov worked as a consultant in the private sector which brought him into contact with companies in the West, including Verisign.

See also: Methbot: Russian botnet steals millions from US companies every day

Verisign denies that the information the company received at the time contained state secrets. While the company does compile dossiers for clients on cybercrime and threat actors, the cybersecurity firm staunchly rejects the claim that research conducted included any classified information.

A Kaspersky spokesperson told ZDNet:

"The case against this employee does not involve Kaspersky Lab. The employee, who is head of the Computer Incidents Investigation Team, is under investigation for a period predating his employment at Kaspersky Lab.
We do not possess details of the investigation. The work of Kaspersky Lab's Computer Incidents Investigation Team is unaffected by these developments."

ZDNet has reached out to Verisign and will update if we hear back.

10 steps to erase your digital footprint

Measuring third-party security risks within minutes, not months:

Editorial standards