The Russian government grants immunity to cybercriminals in exchange for information acquired by otherwise illegal computer intrusions, a former federal hacker-hunter accused of treason claimed Wednesday.
“The essence of the deal is that the state gets access to the technologies and information of ‘cyberthieves,’ in exchange for allowing them to steal abroad with impunity,” Russian cybersecurity expert Ruslan Stoyanov said in a letter published Wednesday by Dozhd, an independent, Moscow-based television channel.
The apparent quid pro quo has created “a new crime wave” carried out “patriotic thieves,” the likes of which may potentially lend to a serious international incident, predicted Mr. Stoyanov, the former head of cybercrime investigations for Kaspersky Labs, a Russian security firm.
“The worst scenario is to give cybercriminals immunity from retaliation for stealing money in other countries in exchange for intelligence. If this happens, a whole layer of ‘patriotic thieves’ will appear, violating the principles of the rule of law and [avoiding] punishment,” he wrote, as translated by IB Times.
Mr. Stoyanov’s claims are notable given not just the U.S. government’s recent spat with supposed Kremlin-hired hackers, but his own unique standing as a former cybersecurity professional currently accused of treason.
Mr. Stoyanov and Sergei Mikhailov, a senior official within the FSB’s Center of Information Security, were silently arrested in December on charges of treason, Russia’s Kommersant newspaper reported weeks later. At least two other individuals, including a second FSB official and a businessman, have reportedly since been arrested in connection with a federal treason probe otherwise largely shrouded in secrecy.
“I was thrown into the most severe prison on charges of treason. Everything was kept secret,” Mr. Stoyanov said through his attorney in Wednesday’s letter.
“If only my affairs did not undermine the stability of the posts and merits of the generals, and also did not harm the business of ‘patriot-thieves,’” he added.
Prior to starting at Kaspersky in 2012, Mr. Stoyanov hunted hackers for the Russian government as a member of the Interior Ministry’s Moscow Cyber Crime unit up until 2006, according to his LinkedIn profile. Though the details of the treason case are under seal, the security firm said the investigation involves “a period predating his employment at Kaspersky Lab.”
Prosecutors reportedly brought their case against Mr. Kaspersky and others under Article 275 of the country’s constitution, which defines treason as “espionage, disclosure of state secrets, or any other assistance rendered to a foreign organization, or their representatives in hostile activities to the detriment of the external security of the Russian Federation committed by a citizen of the Russian Federation.”
News of Mr. Stoyanov’s arrest first emerged earlier this year as unrelated allegations swelled concerning a purported Kremlin-led hacking campaign targeting the 2016 U.S. presidential election. Moscow has since denied those allegations, notwithstanding digital evidence indicating Russian military intelligence used cyberattacks and other tactics to interfere in last year’s White House race.