Eugene Kaspersky | |
Native Name Lang: | ru |
Birth Name: | Yevgeny Valentinovich Kaspersky |
Birth Date: | 4 October 1965 |
Birth Place: | Novorossiysk, Krasnodar Krai, Russian SFSR |
Nationality: | Russian |
Children: | Maxim (b. 1989) Ivan (b. 1991) |
Alma Mater: | IKSI |
Occupation: | Chairman and CEO of Kaspersky Lab |
Known For: | Founder of Kaspersky Lab |
Awards: |
Yevgeny Valentinovich Kaspersky (Russian: Евгений Валентинович Касперский; born 4 October 1965) is a Russian cybersecurity expert and the CEO of Kaspersky Lab, an IT security company with 4,000 employees. He co-founded Kaspersky Lab in 1997 and helped identify instances of government-sponsored cyberwarfare as the head of research. He has been an advocate for an international treaty prohibiting cyberwarfare.
Kaspersky graduated from The Technical Faculty of the KGB Higher School in 1987 with a degree in mathematical engineering and computer technology. His interest in IT security began when his work computer was infected with the Cascade virus in 1989 and he developed a program to remove it. Kaspersky helped grow Kaspersky Lab through security research and salesmanship. He became the CEO in 2007 and remains so as of 2024.
Kaspersky was born on 4 October 1965 in Novorossiysk, Soviet Union.[1] He grew up near Moscow, where he moved at age nine. His father was an engineer and his mother a historical archivist.[2] As a child he developed an early interest in math[3] [4] and technology.[5] He spent his free time reading math books and won second place in a math competition[6] at age 14.[2] When he was fourteen, Kaspersky began attending A.N. Kolmogorov boarding school, which is run by Moscow University and specializes in math.[3] [5] [7] He was also a member of the youth division of the Communist Party of the Soviet Union.
At the age of 16, Kaspersky entered a five-year program with The Technical Faculty of the KGB Higher School,[8] which prepared intelligence officers for the Russian military and KGB.[3] [4] He graduated in 1987 with a degree in mathematical engineering and computer technology.[1] [4] After graduating college, Kaspersky served the Soviet military intelligence service as a software engineer.[7] He met his first wife Natalya Kaspersky at Severskoye, a KGB vacation resort, in 1987.
See main article: Kaspersky Lab.
Kaspersky's interest in IT security began in 1989, when his PC was infected by the Cascade virus,[9] while working for the Ministry of Defence.[10] He studied how the virus worked and developed a program to remove it.[9] Afterwards he continually found new viruses and developed software to remove them, as a hobby. Early on Kaspersky's anti-virus software had just 40 virus definitions and was distributed mostly to friends.
In 1991, Kaspersky was granted an early release from his military service and left the defense ministry to take a job at the Information Technology Center of a private company KAMI, in order to work on his antivirus product full-time.[7] There, he and his colleagues improved the software and released it as a product called Antiviral Toolkit Pro in 1992.[3] [7] At first the software was purchased by about ten clients per month. It earned about $100 per month, mostly from companies in Ukraine and Russia.[9] [4] Kaspersky's then-future wife Natalya Kaspersky became his coworker at KAMI.[7]
In 1994, Hamburg University in Germany gave Kaspersky's software first place in a competitive analysis of antivirus software.[3] [4] [7] This led to more business for Kaspersky from European and American companies.[4] [11] Kaspersky Lab was founded three years later by Kaspersky, his wife and Kaspersky's friend Alexey De-Monderik. Natalya, who pushed Eugene to start the company, was the CEO, while Eugene was the head of research. The following year, the CIH virus (AKA the Chernobyl virus) created a boon for Kaspersky's anti-virus products, which Kaspersky said was the only software at the time that could cleanse the virus. According to Wired, "their software was advanced for the time." For example, it was the first software to monitor viruses in an isolated quarantine.
Kaspersky's company grew quickly in the late 1990s. From 1998 to 2000, its annual revenue grew 280 percent and by 2000 almost sixty percent of revenues were international. By 2000, it had a staff of 65 people, starting from 13 in 1997. The antivirus product was renamed to Kaspersky Antivirus in 2000, after an American company started using the product's original name, which wasn't trademarked.[10] [12]
As the head of research,[3] Kaspersky authored papers on viruses and went to conferences to promote the software. He was often quoted in the technology press as an antivirus expert. He helped establish the company's Global Research and Expert Analysis Team (GReAT), which helps corporations and governments investigate IT security threats. Initially he told his team not to discuss cyber-terrorism publicly, to avoid giving governments ideas on how to sabotage their political opponents. After the American film Live Free or Die Hard (AKA Die Hard 4.0) (2007) was released, Kaspersky said the idea was now public.[13] He hired the researcher that identified the Stuxnet worm, which is believed to be the first instance of state-sponsored cyberweapon.[14] Afterwards, the company exposed the Flame virus at the request of the International Telecommunication Union. The virus was believed to have been used for cyber-espionage in Middle-Eastern countries.[15] [14]
Kaspersky Lab developed a reputation for discovering cybersecurity threats.[16] [17] In 2015 Kaspersky and Kaspersky Lab discovered a group of hackers known as Carbanak that were stealing money from banks. They also exposed Equation Group, which developed advanced spyware for monitoring computer use and was believed to be affiliated with the National Security Agency in the U.S.[17] According to The Economist, it was these discoveries, Kaspersky's "relentless salesmanship" and the company's anti-virus product that made Kaspersky Lab uncommon as an internationally recognized Russian company.[17]
Kaspersky became CEO of Kaspersky Lab in 2007.[3] According to a 2008 article in USA Today, he traveled to 20 to 30 countries per year promoting Kaspersky Lab products.[18] In early 2009, CRN said his personality contributed to the company's growth from "relative obscurity to now nipping at the heels of its larger, better-known rivals." At the time, Kaspersky Lab was the fourth largest endpoint security company. It introduced new products for the enterprise market and expanded its channel programs.
In 2011, Kaspersky made a decision against taking the company public, saying it would make decision-making slow and prevent long-term R&D investments. This led to a series of high-level departures from the company, including his ex-wife and co-founder.[17] Another series of departures occurred in 2014 due to disagreements over how to run the company.[19]
Kaspersky Lab has defended itself against allegedly frivolous patent claims more aggressively than most IT companies. In 2012, it was the only one of 35 firms named in a suit by patent troll Information Protection and Authentication (IPAC) to take the case to court, rather than pay a fee. The case was ruled in Kaspersky's favor.[20] Also in 2012, another company, Lodsys, sued Kaspersky and 54 other companies for patent infringement, and that case also resulted in the claimant dropping the case against Kaspersky.[21] According to an article in TechWorld, the company's aversion to settling these claims is most likely because Eugene "just hates" patent trolls. In his blog he called them "parasites" and "IT racketeers".[22]
Kaspersky himself is the co-author of several patents, including one for a constraint-and-attribute-based security system for controlling software component interaction.[23]
As of 2015, Kaspersky Lab employed more than 2,800 people.[9] As of 2012, Kaspersky was working on developing software to protect critical infrastructure, like power plants, from cyberwarfare.
Kaspersky is influential among politicians and security experts.[24] He has warned about the possibility of cyberwarfare that targets critical infrastructure. He speaks at conferences advocating for an international cyberwarfare treaty,[3] [24] that would ban government-sponsored cyberattacks.[15]
After the Stuxnet attack, Kaspersky proposed that the Internet needed more regulation and policing. One idea was to have some parts of the Internet anonymous, while more secure areas require user identification. He argued that anonymity mostly benefited cybercriminals and hackers. For example, accessing a nuclear power plant network could require a verified identity through a digital passport.[14]
Kaspersky said anonymity on the Internet could be protected by using a proxy, whereby a responsible international body maintains a record of which online identities correspond to which real-world ones. For example, a person's identity would be revealed in cases of malicious activity. Some security experts believe that a centralized database of the real-world identities of Internet users would be "a privacy disaster and a highly attractive target for thieves." The Age said it "sounds a little too close for comfort to a Big Brother scenario" and Wired said Kaspersky's views were highly aligned with the Russian government's agenda.[2] In 2012, Kaspersky ranked 40th in the Foreign Policy magazine's Top 100 Global Thinkers yearly rating.[25]
Many organizations have been considering reducing privacy to improve security as a result of Kaspersky's arguments. In a more recent Slashdot interview Kaspersky said the Internet should be divided into three zones: a red zone for voting, online banking, and other "critical transactions" that would require an Internet ID; a grey zone that may require only verification of age to access the site, but not identity; and a green zone for blogs, news, and "everything related to your freedom of speech." He proposes "special proxies" for red zone websites that allow disclosure of the user's identity only in the case of suspected malfeasance.[26]
Kaspersky's prior work for the Russian military and his education at a KGB-sponsored technical college has led to controversy about whether he uses his position to advance Russian government interests and intelligence efforts.[14] [27]
Wired said Kaspersky's critics accuse him of using the company to spy on users for Russian intelligence. Russian telecommunications companies for example are required by federal law in Russia to cooperate with the government's military and spy operations if asked. Kaspersky said his company has never been asked to tamper with its software for espionage and called the accusations "cold war paranoia".[28] According to Wired, Kaspersky staffers argue "not unconvincingly" that spying on users would hurt its business and its relationship with the Russian FSB, the KGB's successor, is limited. According to Gartner, "There's no evidence that they have any back doors in their software or any ties to the Russian mafia or state... but there is still a concern that you can't operate in Russia without being controlled by the ruling party."[15] Computing mocked some of the more extreme accusations of espionage, but said it would be unlikely for a Russian business to grow to the size of Kaspersky Lab without relationships within the Russian government.[29] NPR journalists also said it was unlikely Kaspersky was using its software for espionage, because it would be risky for the company's business, but said Kaspersky showed an unusual disinterest in Russia-based cybercrime.[30]
In August 2015, Bloomberg reported that Kaspersky Lab changed course in 2012. According to the publication, "high-level managers have left or been fired, their jobs often filled by people with closer ties to Russia's military or intelligence services. Some of these people actively aid criminal investigations by the FSB using data from some of the 400 million customers".[31] Bloomberg[32] and The New York Times[15] also said Kaspersky was less aggressive about identifying cyberattacks originating from Russia than from other countries, allegations Kaspersky refutes. For example, he allegedly ignored or downplayed a series of denial-of-service attacks in December 2011 that were made to disrupt online discussion criticizing Russian politicians.[2] Kaspersky also allegedly ignored a Russian-based spyware called Sofacy, which is believed to have been used by Russia against NATO and Eastern Europe.[30] On the other hand, Kaspersky also published information on the Russia-based Crouching Yeti cyberattacks two days before Bloomberg accused him of ignoring Russia-based cyberattacks. At the time, the company had published eleven reports on malicious Russian programs. Competitor FireEye said it is awkward even in the U.S. to investigate cybercrimes performed by one's own government.
A March 2015 article in Bloomberg said an increasing number of executive staff at Kaspersky Lab previously worked for Russian military and intelligence agencies.[33] According to News & Observer, Kaspersky "published a mammoth response, tearing down Bloomberg's accusations and accusing them of throwing facts out the window for the sake of a juicy anti-Russian narrative."[34] Competitor FireEye said many U.S. IT companies also have executives that formerly worked for government military and intelligence agencies.[35] NPR reported that Kaspersky has been doing an increasing amount of business with Russian cybersecurity agencies to catch cybercriminals.[36] Kaspersky confirmed that Russian agencies are among its government customers.[17] [28]
In May 2017, the allegations resurfaced when US National Security Agency (NSA) director Mike Rogers told a US Senate Intelligence committee that the NSA was reviewing the US government's use of Kaspersky software for fear it would allow Russian intelligence services to conduct spy operations or launch cyber attacks against American digital infrastructure.[37] ABC reported that the Department of Homeland Security had issued a secret report in February on possible connections between Kaspersky Lab and Russian intelligence, and that the FBI was currently investigating the matter.[38] According to Defense Intelligence Agency (DIA) director Vincent Stewart, his agency is "tracking Kaspersky and their software."[39] In a press release, Eugene Kaspersky denied that his software is currently, or could be, used for such purposes, stating that "As a private company, Kaspersky Lab has no ties to any government, and the company has never helped, nor will help, any government in the world with its cyber-espionage efforts."[40] He also stated that the US does not want to use his company's software for political reasons,[39] and called the allegations "unfounded conspiracy theories".[41]
Alleging connections to Russian intelligence, the U.S. Department of Homeland Security in 2017 banned Kaspersky's main antivirus product from U.S. federal networks. In 2024 the U.S. Commerce Department announced that "Kaspersky will generally no longer be able to, among other activities, sell its software within the United States or provide updates to software already in use."[42]
Kaspersky is one of many Russian oligarchs named in the Countering America's Adversaries Through Sanctions Act, CAATSA, signed into law by President Donald Trump in 2017.[43]
In August 2015, two former Kaspersky employees alleged that the company introduced modified files into the VirusTotal community anti-virus database to trick its rivals' programs into triggering false positives. The result of the false positives was that important uninfected files would be disabled or deleted. The allegations also claimed that Kaspersky himself had ordered some of the actions, specifically targeting competitors, including Chinese companies he felt were copying his software. Emails dated 2009, two years after Kaspersky became CEO, were allegedly leaked to Reuters, one of which allegedly had Kaspersky threatening to go after competitors by "rubbing them out in the outhouse", using a phrase popularized by Vladimir Putin.[44] [45] The company denied the allegations.[44]
Kaspersky was ranked #1,567 on Forbes "Billionaires List 2017" with a net worth of US$1.3 billion (as of March 2017).[46] He first made the list in 2015 when his net worth reached US$1 billion.
Kaspersky lives in Moscow, Russia with his wife and five children.[9] [57] He and his first wife were divorced in 1998. On 21 April 2011, his son, Ivan, then 20, was kidnapped for a $4.4 million ransom. Kaspersky worked with a friend at the FSB and Russian police to trace the ransomer's phone call. They set up a trap for the ransomers, where they rescued his son and arrested many of the kidnappers.[4] [15] [58] The incident had an influence on Kaspersky's sense of personal security. He now travels with a bodyguard and security detail.[24]
Kaspersky is one of the richest people in Russia.[59] His net worth is about $1 billion.[3] According to Wired, he has "cultivated the image of a wild man with cash to burn."[59] He has an interest in racing and drives his sports cars on race tracks as a hobby.[60] He sponsors various "quirky or scientific projects"[2] such as the Ferrari Formula One racing team[59] [61] or archaeological excavations in Akrotiri (prehistoric city).[62] Kaspersky owns a BMW M3.[12] Kaspersky describes himself as an "adrenaline junkie". He has gone hiking on volcanoes in Russia and reserved a trip to space on the Virgin Galactic.[24] He travels often[24] [2] and writes about his experiences in his personal blog.[12] He also enjoys photography as a hobby.[2]
Kaspersky is known for shunning formal attire, typically dressing in jeans and a shirt.[63] He supports university projects and competitions in the IT security field.