In what may be the latest fallout from the cold cyberwar taking place between the US and Russia, the head of the investigation unit, and one of the most important cybercrime experts at Kaspersky Lab, Russia's biggest cybersecurity firm, was been arrested on charges of treason. Stoyanov was involved in every big anti-cybercrime operation in Russia in past years, including the one against the components of the Lurk cybercrime gang.
According to the “Kommersant” the arrest may be linked to the investigation on into Sergei Mikhailov, deputy head of the information security department of the FSB, Russia national security service. Stoyanov and Mikhailov were both arrested in December, according to the Kommersant the investigation was exploring the receipt of money from foreign companies by Stoyanov and his links to Mikhailov. Mikhailov is also facing treason charges alongside Stoyanov.
Kaspersky spokeswoman Maria Shirokova, said in a statement that Stoyanov's arrest "has nothing to do with Kaspersky Lab and its operations."
She said the company has no details of the charges Stoyanov faces, but added that the investigation dates back to the time before Stoyanov was hired by Kaspersky.
According to Forbes, the arrest may be a matter of national security: "A Russia-based information security source told FORBES the details of the case were likely to remain private. The case has been filed under article 275 of Russia’s criminal code, the source said, meaning it should result in a secret military tribunal. Article 275 allows the government to prosecute when an individual provides assistance to a foreign state or organization regarding “hostile activities to the detriment of the external security of the Russian Federation” (translation from source). According to the source, this can be applied broadly. For instance, furnishing the FBI with information on a botnet may amount to treason."
Before Stoyanov joined Kaspersky in 2012, he served six years as a major in the Ministry of Interior’s cybercrime unit between 2000 and 2006, then he moved into the private sector. While Ruslan Stoyanov was working for the Russian government, he was the lead investigator into a hacker crew that extorted $4 million to U.K. betting shops under the DDoS threat.
U.S. intelligence agencies have accused Russia of meddling in the U.S. presidential election through hacking, to help Donald Trump win the vote, claims that Russia has rejected. U.S. and EU officials also have accused Russia of hacking other Western institutions and voiced concern that Russia may try to influence this year's elections in Germany, France and the Netherlands. It wasn't immediately clear if the arrests are somehow linked to these allegations.
The FSB's press office did not comment on the arrest.
Meanwhile Andrei Soldatov, who has studied the internet and Russian security services for more than a decade, called the arrest of the Kaspersky manager "unprecedented."
"It destroys a system that has been 20 years in the making, the system of relations between intelligence agencies and companies like Kaspersky," he told The Associated Press. "Intelligence agencies used to ask for Kaspersky's advice, and this is how informal ties were built. This romance is clearly over."
While Kaspersky has published research damaging to Russian hacking operations, Eugene Kaspersky is known to have held a friendly relationship with the Russian government. The company has a strong international presence, including antivirus research facilities inside the United States.
It remains unclear if today's arrest has any connection to the "Russian election hacking" scandal that brought US-Russian relations to a halt in the last days of the Obama administration.