A Mr. Tikhonov, Executive Director, Kaspersky Lab. Kaspersky Lab: Garry Kondakov, Andrey Tikhonov, Evgeny Buyakin, Roger Wilson

11/21/2011, Mon, 12:11, Moscow time , Text: Alexander Levashov

Kaspersky Lab announced the departure of Executive Director Evgeny Buyakin and Marketing Director Roger Wilson. Both top managers decided to take up own business.

Executive Director of Kaspersky Lab Evgeny Buyakin decided to leave the company on December 31, 2011 due to the desire to start his own business, the Laboratories report says.

Also on December 31, 2011, the company leaves Roger Wilson(Roger B. Wilson), who served as director of marketing. He plans to create his own consulting agency in branding and communications in Europe.

Under the leadership of Buyakin, over the past four years, the business of Kaspersky Lab has grown 4 times, says the CEO and founder of the company Eugene Kaspersky. Buyakin, according to Kaspersky, was "one of the company's leaders on the way to becoming one of the main players in the global IT security market." He has been with the company since 1999.

Roger Wilson aligned the company's marketing practices with international standards and brought the brand awareness of Kaspersky Lab to a new level, added Kaspersky. Wilson joined the company in 2008.

In connection with the departure of two top managers, Kaspersky Lab redistributed their duties between Garry Kondakov appointed to the position commercial director companies, and Andrey Tikhonov who was promoted to chief operating officer.

"The new appointments are designed to give an additional impetus to the company's growth, improve the efficiency of its operational and business units, facilitating entry into new market segments and accelerating business development, as well as increase the company's transparency for external partners," the Lab said in a statement.

Garry Kondakov in 2002 headed the representative office of Kaspersky Lab in Russia, the CIS countries and the Baltic States, and by 2011 he had worked his way up to Managing Director of the company in emerging markets, where he oversaw activities in Latin America, Eastern Europe, the Middle East and Africa.

In addition to the above regions, as Commercial Director Garry Kondakov will lead the development of the company's business in Western Europe, North America and the Asia-Pacific region, including Japan, as well as the entire marketing activities Kaspersky Lab.

Andrey Tikhonov, who joined Evgeny Kaspersky's team as a product developer in 1994, even before the creation of Kaspersky Lab. Since 2004, he has served as the company's technical director, and in 2009 he was appointed chief information officer.

As COO of Kaspersky Lab, Andrey Tikhonov's responsibilities, in addition to IT, will also include financial activities companies and personnel and business process management.

“Our company is entering a new important stage in its development, which sets us extremely serious goals and objectives. Carried out modernization corporate governance Kaspersky Lab is an important and necessary step for successful implementation our ambitions and a great accomplishment for the entire company,” said Evgeny Kaspersky.

- Nikolai Grebennikov.

Grebennikov came to work at "" in 2003 as a systems analyst and quickly made a career. Already in 2006, under the actual leadership of Grebennikov, the department innovative technologies(DIT) issued several serious developments. "I thought that in three or four years he could become an excellent technical director. However, he became one much faster," says Natalia Kasperskaya, former General Director of the Laboratory.

In 2007, after with Evgeny Kaspersky, Natalya left the post of CEO, and Kaspersky himself began to manage the company. Grebennikov was immediately appointed director of DIT, and a year later he became the technical director of the entire company.

By the beginning of 2009, the technical department, which was formed as a result of the merger of DIT and the product development department, consisted of 640 people. Grebennikov was then about 30 years old. According to Kaspersky, "such a rapid rise is a serious test for any person."

In the summer of 2013, at an innovation summit in Prague, Kaspersky, according to Grebennikov, publicly introduced him as his successor as CEO. Due to frequent trips, it was necessary for Kaspersky to transfer operational management to a reliable person, which Grebennikov was supposed to become.

Despite the fact that at that time the company was one of the four largest antivirus companies in the world, revenue growth was slowing down at a catastrophic pace. Grebennikov recalls that Kaspersky himself added to him, in addition to R&D functions, the management of the entire mobile direction. In addition, the technical director asked to transfer the area of ​​​​protection against fraud that he had been promoting for a long time (the decision was made collectively at the board of directors).

The expansion of the powers of the technical director caused dissatisfaction with the commercial director Garry Kondakov. Over time, according to Grebennikov, it resulted in a confrontation between developers and sellers, which, however, is a routine phenomenon for business.

However, Kondakov was supported by financial director Andrey Tikhonov and head of the legal department Igor Chekunov, who oversees the company's department for investigating computer incidents, Kaspersky's personal security (played a big role in his release) and is responsible for interaction with the Ministry of Internal Affairs, the FSB.

By the end of 2014, the relationship between Kaspersky and Grebennikov had changed dramatically. According to Grebennikov, he "as if he had stopped hearing me, saying that we only think about bonuses."

Grebennikov was helped by Harry Cheng, Managing Director for the Asia-Pacific Region, and Steve Orenberg, Managing Director for the Americas. Both did not develop relations with Kondakov and had their own proposals for optimizing the work of the company. In January, two days before the trip to Davos, Grebennikov flew to Cheng in China, where he learned that they wanted to remove him from the company, saying that he was like a bone in his throat - in the sense that he does not drink vodka, he does not go to the bath. Orenberg was of the same opinion. It was decided to tell Kaspersky about the company's problems and propose a plan for the development of "Laboratory" until 2020 in the form of a presentation. The meeting was scheduled for February 2014, in the Dominican Republic.

Eight people were waiting for Kaspersky at this meeting: in addition to the technical director, there were Cheng, Orenberg, the head of corporate marketing in the Milan office, John Malatesta, and several other managers - members of the management board and the board of directors of the company. Kaspersky was presented with a development plan for the company, but he "accepted everything with hostility."

The last slide in the presentation was slide 29, which depicted the updated structure of the top management team. The position of executive director (COO) was introduced, which was occupied by Grebennikov, the rest of the top managers were subordinate to him, with the exception of Chekunov. Kaspersky remained CEO, President, Chairman of the Board of Directors and co-owner.

At the same time, the executive director Andrey Tikhonov was made an adviser, and Garry Kondakov was removed from the position of head of sales, abolishing the position of global head of sales. Grebennikov himself explains that Orenberg and Cheng were categorically unwilling to work with Kondakov as head of sales in Europe, the Middle East and Africa.

"It didn't sound like an ultimatum, it was a proposal," Grebennikov recalls. After the meeting, Kaspersky was left alone with Cheng and Orenberg and said that he intended to fire Grebennikov. As a result, of the eight people who took part in the presentation, six were forced to leave the company: Grebennikov, Cheng, Orenberg, Malatesta and two Russian managers. When Grebennikov appeared on the threshold of the transparent “aquarium” cabinet with the sign “Eugene’s Escape”, Kaspersky, sitting at the table, nervously twisted a fountain pen in his hands. “You betrayed the company,” Grebennikov recalls his words. “And the revolutionaries have two ways: either the throne or Siberia. You go to Siberia!”

Now Kaspersky confirms that the conflict has been resolved. According to him, the main complaint against them is the form in which they did it. "I admit that they could have had quite a good and honest motivation to change something in the company's life for the better, but they chose completely unacceptable means," Kaspersky told Forbes.

After Kaspersky

In September 2014, Grebennikov was invited to work at Sberbank as an adviser to Lev Khasis on cybersecurity. Just six months later, Grebennikov headed subsidiary bank, which was engaged in the protection of ATMs. At the same time, he tried to receive 17.7 million rubles in compensation from Kaspersky, but he never saw this money: the company's lawyers claimed that, by going to work at Sberbank, Grebennikov violated the clause of the agreement on the non-disclosure of confidential information - we are talking about the presentation of business cybersecurity plans.

In March 2015, the fixed-term contract at Sberbank with Grebennikov was not renegotiated. There are rumors that top managers from Kaspersky Lab intervened. Kaspersky himself, however, says that, on the contrary, they gave only good performance Grebennikov.

In June, Grebennikov lost a lawsuit against Kaspersky Lab in the court of first instance, but does not intend to file an appeal. There are no conspiracy theories behind the events, he assures, emphasizing that there were only two reasons for his speech in the Dominican Republic: the desire to optimize the work of the "Laboratory" and the fear of losing what he built in 11 years.

Now Grebennikov is busy developing mobile game- and assures that the project has tightened it with his head.

Lies and fiction in a joint publication with Buzzfeed about the head of the company, the kidnapping of his son, anti-virus espionage and people from the FSB

The original of this material
© Meduza, 01/22/2018, Photo: via Lenta.Ru, Roem.ru, MK, pcweek.ru

Orcs who defeated the techies

How the security forces infiltrated Kaspersky Lab - and what did it lead to

Ilya Zhegulev

Eugene Kaspersky

At Kaspersky Lab, the largest Russian company in cybersecurity, Lately big problems in the American market. Since the fall of 2017, American government agencies have been banned from using the products of the "Laboratory" - in America, she is suspected of having links with Russian intelligence services and trying to gain access to classified files. Meduza special correspondent Ilya Zhegulev found out how the struggle for power and control inside Kaspersky Lab ended in victory for people from law enforcement agencies - and what were the consequences of this victory. Audio version of the text

"Well, congratulate me!" - said jokingly Eugene Kaspersky, going into the office of one of the top managers of his company. As Meduza’s source, who worked at Kaspersky Lab for almost ten years, recalls, he understood what his boss’s holiday was: December 20 was on the calendar (the source does not remember exactly what year), and everyone in the company knew that on this day meetings with Kaspersky should not be scheduled. Day of the security worker, which is usually called simply the Day of the Chekist, Kaspersky annually celebrates with friends from Federal Service security - and even business trips are usually planned in such a way as to stay in Moscow on December 20, a Meduza source claims.

Celebration ruined in 2017 Donald Trump. A week before Chekist Day, the President of the United States gave the status of law to the September decision of the Department of Homeland Security, which banned government agencies from using Kaspersky Lab products, arguing that the programs developed by it could be used by Russian intelligence agencies to gain access to American government documents. Accusations of collaborating with the Russian authorities for unseemly purposes have caused serious damage to Kaspersky, which earns mainly in the Western market: in 2016, North America and Europe accounted for more than 60% of the Lab's revenue.

Despite the company's own investigation claiming that Kaspersky's antivirus worked as advertised - and no one used it to steal data - Lab admits it has problems. "Our sales government bodies The US is only a small fraction of the company's entire business in North America. However, as this situation develops, the [Ministry of Homeland Security] ban is likely to lead to significant losses not only in the public segment, but also among private users,” says Andrei Bulai, a spokesman for Kaspersky Lab. (Evgeny Kaspersky himself did not want to answer Meduza's questions.)

The possible connections of Kaspersky Lab with the Russian state, as well as accusations that the antivirus was used to download classified information, have been the subject of many publications (for example, in Bloomberg, The New York Times, The Washington Post and other publications). According to a Meduza source who previously worked in the company's management, the problems began after the Laboratory's management structure changed in the first half of the 2010s. People from the special services were directly related to these changes.

FSO kidnapper

A graduate of the Higher School of the KGB, Evgeny Kaspersky began his career in 1991 in a small firm with his former teacher, and six years later, together with his wife, he created his own company. Kaspersky took the post of technical director responsible for the development of antiviruses; CEO Natalia Kasperskaya supervised commercial activity"Laboratories". The distribution of roles has not changed even in 1998, when the couple divorced: post CEO Kaspersky took almost another ten years, yielding to his ex-husband only in 2007. After that, three management clans began to form in the company, says Meduza's interlocutor, who at that moment worked as one of the top managers of Laboratory.

The clan of techies was headed by Nikolai Grebennikov, the company's technical director and, in fact, the main developer of the antivirus. The second group of influence consisted of Western financiers who believed that the company needed to be more active in the global market and enter the IPO; among them were the international managers of Lab Harry Cheng and Steve Orenberg, who dealt with the affairs of Kaspersky Lab in Asia and America, and some of their Russian colleagues. The third clan included people with a history of ties to Russian law enforcement agencies, such as former KGB officer Igor Chekunov, who was in charge of security and legal issues at the company. (Yevgeny Kaspersky claims that Chekunov never worked for the KGB, but simply did military service in the border troops, which were subordinate to the USSR State Security Committee.)

Igor Chekunov

On the morning of April 19, 2011, the son of Evgeny and Natalya Kaspersky Ivan left the Strogino metro station and went to the office of the InfoWatch company founded by his mother - a fourth-year student worked there twice a week as a programmer. At this time, a man got out of a green car parked on the side of the road and grabbed Kaspersky; a second man ran up from somewhere and helped push the young man into the car. They put a mask over his eyes. On the way, the kidnappers changed the car - and eventually took Ivan Kaspersky to a country house.

Eugene Kaspersky at that time was in London. He received a phone call from strangers who told him that he son kidnapped and also demanded a ransom - three million euros. Kaspersky immediately called Chekunov, who took over the coordination of the operation to rescue the chief's son. Four days later, Ivan Kaspersky (all this time he was kept in handcuffs in the bath) came to free a special forces detachment.

Ustimchuk as a military man was tried separately in special order; thanks to a deal with the investigation, in August 2012 he received a term of four and a half years and was not deprived of either his title or awards - and the Kaspersky family withdrew a civil lawsuit against Ustimchuk for 120 million rubles, having received an apology from him and 10 thousand rubles in compensation for wallet and phone, which Ivan missed after the kidnapping.

According to a former top manager of the "Laboratory", who is familiar with both Kaspersky, Natalya suspected Igor Chekunov of organizing the kidnapping. In a conversation with Meduza, Kaspersky did not refute this information, saying only that “whatever our suspicions are, they cannot be sewn into the case.”

Birth of the Orcs

In November 2011, six months after the kidnapping, Kaspersky Lab signed a contract with the FSO for the supply of its products. According to a Meduza source who worked in the company's management, it was after the kidnapping that the influence of the security forces clan in the laboratory increased dramatically. “Kaspersky understood everything abruptly, changed course, canceled the IPO, kicked out American investors and most of the foreign tops,” he says. In the summer of 2011, Natalya Kasperskaya was not re-elected as the Chairman of the Board of Directors of Laboratoriya, and in February 2012 she sold the shares of the company that remained with her. As Bloomberg reported, in 2012 the process of the company's IPO was frozen, which was supposed to take place in partnership with the American investment fund General Atlantic; shares already bought by partners were bought back. At the same time, the company introduced a moratorium on hiring foreign top managers (Evgeny Kaspersky stated that Bloomberg's information about the moratorium was not true).

In addition to Chekunov, the “power clan,” says the former top manager, included the company’s executive director Andrey Tikhonov and the head of the security service, Alexei Kuzyaev. the second is a former FSB officer. Kaspersky Lab refused to answer questions about the past of employees, saying that they "decide for themselves what personal data or biography details they are willing to share." Tikhonov's official biography states that he finished his military service with the rank of lieutenant colonel; Kuzyaev in his LinkedIn reports that he is a graduate of the FSB Academy.

Kuzyaev, according to the source of Meduza, obeyed Ruslan Stoyanov- a former officer of the Ministry of Internal Affairs, who oversaw the department for investigating computer incidents, specially created at the "Laboratory" for cooperation with the security forces. “It was a department created internally that served the FSB and the Ministry of Internal Affairs,” says a former high-ranking employee of the company. "They called themselves 'orcs', they really liked that name." The representative of the "Laboratory" Andrey Bulai, without mentioning the name of Kuzyaev, said that the department for investigating cyber incidents is not subordinate to the head of the company's security service.

Collaboration with intelligence agencies was so close that the “orks” from the “Laboratory” even accompanied the capture teams when they apprehended cybercriminals. “Right along with the FSB men, they went to the point and were not ashamed of it, Stoyanov posted a photo report on how they captured the Lurk group,” recalls a Meduza interlocutor. "It's unprecedented, of course." (Participants of Lurk are accused of stealing about three billion rubles from banks and commercial organizations; about this case.) Sergey Golovanov, a leading anti-virus expert at Laboratoria, confirmed to Meduza that the company’s specialists are going out to make arrests together with operatives to technical support- so that during the search, something important is not forgotten or broken.

According to Kaspersky Lab itself, the Computer Incident Investigation Department began to form in 2012. The service offered by this department of the company "includes operational analysis of a computer incident, its investigation, as well as expert support of a criminal case." According to Bulai’s company representative, it was created “in connection with the growing number of cybercriminal attacks on large and medium-sized businesses in the world and in Russia, as well as the fact that many companies that have become victims of cyberattacks would like not only to restore the efficiency of their systems, but also to achieve criminal prosecution of criminals”. The department's staff, Boulay says, "have knowledge and experience at the intersection of high technology, computer forensics and criminal and criminal procedure law, which allows them to carry out forensic examinations and take part in investigative actions as technical specialists."

Vertukhai style of communication

As the “siloviki clan” gained more and more influence, it began to increasingly conflict with the techies. The technical director of the laboratory, Nikolai Grebennikov, who headed the "clan of techies," told Forbes: back in the summer of 2013, at an innovation summit in Prague, Kaspersky publicly introduced him as his successor as head of the company - but soon after that, clashes began to occur between Grebennikov and the security forces right on the common ground. meetings. According to one of the participants in these meetings, it even reached the point of screaming. The problem, he tells Meduza, was access to the Kaspersky Security Network (KSN): Until early 2014, Grebennikov, as technical director, did not allow the security service to access it, and she did not like it. “There was no massacre, but they were yelling out loud,” the source says.

Grebennikov did not want to communicate with Meduza; in a conversation with Forbes, he also mentioned that "the role of Chekunov is heavily demonized." Kaspersky Lab said it does not comment on "unconfirmed rumors regarding personal or professional relationships between current or former employees of the company."

Designed to take the fight against malware to the next level, Kaspersky Security Network is a "cloud-based security solution" that helps you detect threats much faster. According to a Meduza source who participated in bringing KSN to the market, it is called “cyber intelligence” within the company. The system allows the administrator to request a file from the user's computer that may pose a threat: this allows, in particular, to analyze and neutralize new viruses even before mass infection occurs. At the same time, according to the interlocutor of Meduza, this file can be anything (for example, a document or a spreadsheet) - and the system works "not only in automatic mode." Thus, the source claims, the lab employee can download any file from the computer on which KSN is installed without the knowledge of its owner. “It's like a cool kitchen knife that can be used to perfectly cut bread - and someone else can use its same quality characteristics to cut people,” the source explains.

A spokesman for Bulai told Meduza that KSN "does not have a mode for manually accessing computers." “KSN is a standard cloud-based automated cyberthreat analysis technology that can significantly improve user security,” he added. “Similar systems are used by all leading developers.” Explaining the principles of KSN operation on its own website in 2015, "Laboratory" reported that the system "does not process users' personal data at all." In a newer document on the same topic, the company states that “in accordance with the latest legal regulations adopted in a number of countries, the information processed by Kaspersky Lab may contain data that can be considered personal or identifiable” - and indicates that “does not attribute this data to specific people.”

Connection to KSN is formally voluntary, however, according to a former top manager of Kaspersky, in most cases the system is turned on by default when installing an antivirus. Meduza tested the latest versions of Lab products: when installing an antivirus, the user is asked to agree to participate in KSN; By default, the corresponding checkbox is already checked.

Meduza's interlocutor claims to have been personally present at a product demonstration, during which the company's analysts showed how they got into the computers of the Gamma Group, a British firm that produces software to spy on users (for example, under the guise of iTunes updates) - and downloaded from there the source code of one of these programs. “Later, somehow, this code ended up in the public domain, which greatly harmed the Western company,” says the source.

In August 2014, unknown hackers program code FinFisher developed by Gamma Group; that it was used to spy on civil activists, for example, the governments of Egypt and Ethiopia were accused. Andrey Bulai, a spokesman for Laboratoriya, told Meduza that Gamma Group had never been a client of the company - although in theory the British could have bought Kaspersky's software. "Kaspersky Lab's experts participated in the research of the so-called legal malware created by Gamma Group and other similar companies, the company's products protect our customers from it," Bulai added. According to him, the company's analysts did not have access to the computers of the Gamma Group, and the "Laboratory" does not know who was behind the leak of the British company's data. Gamma Group did not respond to questions related to Kaspersky Lab.

Evgeny Kaspersky, according to the former top manager of the Laboratory, did not participate in disputes between techies and security forces. “Firstly, he is afraid of these guys himself,” Meduza’s interlocutor explains. - They could roar at him in front of everyone: “Che, do you have something to say?” In a gopniche way. In general, their style of communication was not even cops-FSB, but rather vertukhai. At the same time, as Bloomberg reported in March 2015, Kaspersky, along with Chekunov and other employees, regularly went to the bathhouse, which the techies also did not like. Forbes pointed out that the company's foreign managers complained to Grebennikov that they wanted to be removed from the company because they "didn't drink vodka, didn't go to the bathhouse."

In February 2014, when the conflict between different teams of Kaspersky was in full swing, Grebennikov, together with foreign top managers, caught Evgeny Kaspersky at a conference in Punta Cana, Dominican Republic, and presented their development plan for the company. As Grebennikov recalled in an interview with Forbes, this plan, among other things, proposed the demotion of an influential representative of the “siloviki clan” Tikhonov: he was supposed to move from an executive director to advisers. After listening to top managers, the founder of the company soon informed his colleagues that he intended to fire Grebennikov. At the end of April 2014, he called the technical director to his office and told him that he "betrayed the company." “Revolutionaries have two paths: either the throne or Siberia. You are going to Siberia!” - said, according to Grebennikov, Kaspersky.

As a result, by the fall of 2014, six Russian and foreign top managers were fired - the struggle between the security forces and two other clans ended in complete victory. “Chekunov and [then commercial director of the Laboratory Harry] Kondakov got rid of this quasi-successor [Grebennikov], who does not understand anything about corporate intrigues,” he suggested, commenting Forbes publication about Grebennikov's departure on the Roem website, Natalya Kasperskaya's husband Igor Ashmanov.

According to the former top manager of Kaspersky, after the defeat of the "techies", Chekunov and his group no longer had problems getting access to KSN.

"Kaspersky" against the USA

Joint water procedures with people from the FSB soon turned into the first reputational threat to the "Laboratory". In March 2015, Bloomberg published an investigation, "The company that protects your Internet is connected to Russian intelligence": it, in particular, mentioned that Kaspersky goes to the bathhouse with intelligence officers. The agency pointed out that since 2012 there were more people associated with the state in the company - and that the "Laboratory" never investigates Russian cyber espionage. Kaspersky himself said that when he goes to the bath with people, for him they are just friends. “I go to the sauna with my colleagues. It is possible that at the same time the same building is visited by members of the Russian special services, but I don’t know them, ”Kaspersky wrote in his blog, criticizing the Bloomberg publication.

The real problems for Kaspersky Lab began two years later - in the midst of discussions about possible attempts by hackers allegedly associated with the Russian state to interfere in the US presidential election. On May 11, 2017, this issue was discussed at a hearing in the US Senate; when one of the senators asked if the heads of the US law enforcement agencies trusted Kaspersky, all six answered in the negative. In July, the same Bloomberg published a new investigation: this time, it featured internal correspondence from Laboratoriya employees, from which it followed that the company was actively cooperating with the FSB and developing software to combat hackers by order of the department. Among other things, the letters mentioned some "active countermeasures" - these words, as the journalists pointed out, could mean surveillance of hackers and the departure of the "Laboratory" employees on raids together with the security forces. The agency called the same Chekunov the curator of cooperation with the FSB. (Evgeny Kaspersky wrote that "active counteraction" refers to "technical expertise that will help national and international cyber-police authorities identify and neutralize cybercriminals.")

Kaspersky Lab also stated that they “do not and did not have unethical ties,” but the Americans, for whom by that time any mention of a connection with Russia had turned into a sentence, were no longer listening. The American employees of the "Laboratory" began to be called in for interrogations (by the way, the company paid the disgraced Michael Flynn to speak at a cybersecurity forum shortly before he was appointed Trump's national security adviser). In July, the company was removed from the list of authorized suppliers for public procurement; and in September followed an official ban on the use of antivirus by American government agencies. The text justifying this ban specifically mentioned KSN as a technology that requires "agreement to the transfer of large amounts of private data to Kaspersky's servers."

However, the main accusation against Kaspersky became public in the autumn. On October 10, the largest American publications - The New York Times, The Washington Post, The Wall Street Journal - published materials claiming that Kaspersky Lab employees had access to secret files of the US National Security Agency. Information about this appeared thanks to the Israeli intelligence services, who hacked the "Laboratory" back in 2015 (and told the Americans about it). The Israelis claimed to have conducted their own experiment - and found out that the antivirus is specifically looking for files that look like secret ones.

“The capabilities of the system perfectly allow this,” one of the former top managers of the “Laboratory” is sure. “You can easily search by keywords for all the files of interest to Moscow with certain names.”

It soon became clear that the NSA files were leaked from the home computer of one of the agency's employees - it had Kaspersky anti-virus installed on it. The "Laboratory" responded to the publications of the American press with a statement in which it acknowledged that KSN identified the files on the employee's computer as potentially malicious - and indeed sent them to the internal network of the "Laboratory". Evgeny Kaspersky categorically denies that his programs could purposefully search for secret files. At the same time, the founder of the "Laboratory" claims that the archive detected by the system contained malicious files (for example, exploits) associated with the Equation Group hacker group - that is, in fact, the data obtained by the company showed that the NSA is associated with the development of cyber weapons. According to him, when he found out about the discovered secrecy stamp, he immediately ordered to delete the files downloaded by the system. Kaspersky did not specify whether he reported the incident to the NSA.

"Neither the legal department of the company, nor the security service, nor the computer incident investigation department have access to the Kaspersky Security Network," says Bulay, a representative of the Laboratory. According to him, only employees of the research and development department have such access, and the company uses the information received by the system "only in an anonymized form and in the form of general statistics."

By the time Kaspersky Lab was directly accused of cyber espionage in the interests of the FSB, one of key personnel The company has been in a Russian prison for several months. The head of the "orcs" who helped the special services, Ruslan Stoyanov, was arrested in January 2017 - shortly after the arrest of Sergei Mikhailov, one of the leaders of the Center information security FSB, the most important specialist in cybercrime among the Russian security forces. Both are accused of treason; investigation data are classified. However, a recent investigation by The Bell says that Mikhailov, through Stoyanov, with whom they have been friends for many years, shared information about Russian hackers with foreign intelligence services (some of these hackers claimed to have a “protection” in the FSB). Sources of The Bell claim that the United States also learned about who was behind the hacking of the Democratic Party (in America, the attacks were supervised by the Main Directorate of the Ministry of Defense of the Russian Federation) from Mikhailov and Stoyanov.

According to the former top manager of Kaspersky Lab, Kaspersky often went to the bath together with Mikhailov and Stoyanov.

The "Laboratory" stated that Stoyanov's arrest had nothing to do with his work for Kaspersky. Stoyanov himself sent a letter from prison to the Russian authorities in April 2017, warning them against giving hackers “immunity from retaliation for stealing money in other countries in exchange for intelligence.” “If the state suddenly decides to tame the wave of ‘patriotic’ hacking, it will immediately face the huge technological and personnel superiority of the new Russian cybercrime. For example, it took us about two years to investigate the infrastructure of the Lurk group, - wrote the former head of the Orcs. - Just imagine that such a group would be advised by civil servants, and in Kaspersky Lab a part of the expert department would already be imprisoned, and a part would be rendered inoperable. It looks like a complete nightmare." In August 2017, one of the defendants in the Lurk case stated in court that, under the supervision of curators from the FSB, he participated in hacking the servers of the US Democratic Party and Hillary Clinton's correspondence.

In December 2017, Kaspersky Lab filed a lawsuit against the US government: the lawsuit states that the ban imposed by the Department of Homeland Security is unconstitutional because it is based on dubious evidence and violates the company's right to a fair trial.

On January 19, Kaspersky reported on financial indicators for 2017: The statement says that the total revenue of "Laboratory" increased by 8%, while sales in North America decreased by the same 8%. At the same time, the former top manager of the company claims that “now in America, Kaspersky is actually closed, there is only one small team left in Boston.” The company also has offices in Florida and Seattle, he said, but two or three employees work there. Large American companies refused to sell antivirus retail chains, such as BestBuy. In December 2017, the company officially announced the closure of the Washington DC office, stating that "its appointment has been exhausted". A few years ago, it was with its opening that the story of the partnership between the Laboratory and the US government began.

Update January 26. After the publication of this material, Kaspersky Lab said in a letter to Meduza that the company's Boston office has more than 250 employees, and its executive director Andrei Tikhonov served not in military intelligence, but in the air defense forces. In addition, "Laboratory" acknowledged the existence of an internal conflict in 2013-2014 - however, according to its representative Andrey Bulai, this conflict was exclusively "a dispute about strategy and vision of the future between the technical and commercial director of the company." Kaspersky Lab also detailed its position on its official website.

Response from Kaspersky Lab

The original of this material
© kaspersky.ru, 01/26/2018, Photo: Reuters

Propagandists who defeated journalists

What happened?

On January 22, the Meduza publication, together with the American site Buzzfeed, published , which contains great amount distorted or simply incorrect information, in other words, lies.

Okay, but what exactly is not true?

We don't even know where to start. For example, the statement that Evgeny Kaspersky is celebrating the day of the Chekist is presented, firstly, as true, and, secondly, as if it were a crime. We think that the author of the article decided to write about this in order to emphasize a certain spiritual connection between Evgeny and the so-called security forces community and thereby reinforce the main idea of ​​the “investigation” - that Kaspersky Lab is under the hood of the evil KGB.

From a propagandist's point of view, good way to demonize the hero, but, fortunately for us, this is not true. For example, on December 20, 2017, Yevgeny spent the centenary of the creation of the Cheka on a business trip in Singapore in the company of local colleagues (none of them are related to the special services).

Is there really no direct connection? After all, he and his fellow top managers of Kaspersky Lab served in the KGB!

Evgeny Kaspersky did indeed study to be a cryptographer at a higher school, which at that time had three letters “KGB” in its name. During training, he wore a military uniform, and after graduation he worked as a programmer in one of the research institutes of the Ministry of Defense for distribution.

For the late eighties and early nineties, this is quite a typical career for a graduate of this educational institution. It ended in 1991 when 26-year-old Evgeny retired to make antivirus for a cooperative, and since then he has been in free flight and has never worked for the state again.

But what about other top managers? Andrei Tikhonov, Igor Chekunov. Is this your entire clan of security forces? Eugene, probably, cannot even say a word across them!

First, we cannot imagine that Evgeny Kaspersky was afraid of his employees. And secondly, Igor has been in the company for 20 years, Andrey - 17. Both of them really once had something to do with power structures. Andrei rose to the rank of lieutenant colonel in the Russian army, but not in intelligence, but in air defense, he worked at a research institute. Igor really did military service in the border troops of the KGB of the USSR in the 1980s, he graduated from it with the rank of junior sergeant, he is proud of it, and since then May 28 of every year celebrates the day of the border guard.

Then he worked, including in the Ministry of Internal Affairs, and this experience was subsequently very useful for the company in organizing the fight against cybercrime and establishing cooperation with law enforcement agencies. These are facts that can be documented with the help of colleagues, colleagues, relatives, friends, and so on. Both Igor Chekunov and Andrey Tikhonov are in the company's management not because they are "siloviki", but because they have the experience, knowledge and skills that the company needs.

Here you yourself admit: every top manager you have is a security official! How are you not under the hood?

First, if you want to find a good specialist in security, you're not likely to consider art school graduates, right? This is a common practice in many countries around the world. Look at the top management of many of our competitors, their biographies, and you will be surprised how many so-called "siloviki" are among them. We need competitive and competent people, and it doesn't matter where they come from (well, except for crime - we don't hire "black" hackers). It is clear that, for example, experienced ballerinas or confectioners are not very suitable for the security service.

And secondly, take a look at how many materials we have published about Russian-speaking cybercriminal groups and groups engaged in cyber espionage at a clearly state level, and then try to imagine whether a company is allowed to disclose such information, if it is “under the hood”?

You are distorting it, it’s just that you were allowed to publish something that no longer has value for the “siloviki”

Here is our Russian-speaking group CozyDuke (aka CozyBear), published in 2015. It is this group, along with another - Sofacy, which we talked about in the same 2015, in next year was found in the networks of the US Democratic Party. According to the results of the investigation American experts, the attack began just in 2015, and as a result, one of these groups stole the infamous correspondence of party members.

If Kaspersky Lab was controlled by Russian security forces and spies, would they allow us to publish research on hacker groups allegedly working for Russian security officials and spies - and to do this when these hackers were hacking or were about to hack US elections?

It is interesting that the publications, which in the past few years have released a lot of investigations about us, for some reason stubbornly ignore these facts.

Well it's just a coincidence

Over the past few years, we have published 18 different studies on Russian-speaking gangs, and reports of such gangs regularly appear in our non-public reports for clients (you can read how to subscribe) - so, of course, a coincidence. Or not?

But the journalist did an investigation!

You could probably call it an investigation, but when we read it, we got the impression that it mainly consisted of a conversation with the so-called “former top manager of Kaspersky Lab.” This man, judging by the text, is not very aware of what is happening in the company, since he left it about four years ago, and this fact of the biography is still a thorn in his heart. He tells lies after lies, and the journalist broadcasts this, for example, that the company in America "left one small team in Boston." Well, to whom and 250+ people, of course, a “small team”.

Unfortunately, we must admit that not all of our former employees have gone smoothly. It happens like this: people leave, retaining grievances, and, apparently, in the case of the sources of the author of the article, this is the case.

You are slandering in vain, this is an objective article, your press service is always quoted there!

There is such a classic case about journalistic objectivity. If we publish in one article the opinion of a Nobel laureate that vaccinations are a safe way by which humanity was saved from terrible epidemics, and then a quote from a person from some independent center, according to which vaccinations cause autism, then a lot of people can be frightened and decide not to vaccinate their children, further endangering their lives.

Many readers in general tend to believe fascinating and chilling stories, especially ones that resonate with their fears and ideas about the world, rather than dull boring facts. And the article exploits this property. People who are not familiar with Kaspersky Lab will believe the anonymous fantasies from the offended former employee, supported by the authority of the publication, and not some essentially true, but dull as a cast-iron frying pan, formally sounding words of the press secretary.

Perhaps there are some inaccuracies in the article, but in the main, the author is right!

There was no clash between the security forces clan and the techies in the company, just as such clans themselves did not exist, and there were no changes in the management structure during the period described.

Conflict in the management of the 2013-2014 sample. really happened, and such stories are normal for any living and developing company. At the same time, the conflict was not about that at all, it was a dispute about strategy and vision of the future between the technical and commercial director of the company.

No one has ever fought for access to our KSN cloud. Igor Chekunov personally, the Cyber ​​Incident Investigation Department (ORKI), and the company's security service did not have access to KSN in 2013, and still do not have it in 2018. Only developers have access. And we have launched a project to increase the openness of the company and will audit all these processes with independent experts.

Orcs have never obeyed the security service, and still do not obey. The IPO plan was canceled not because of the mythical security forces, but because it turned out that being a public company is excruciatingly bureaucratic, and we already had enough money for development.

No one in the company has ever called KSN “cyber intelligence”, because there is no point in calling this system that way. KSN does not have manual mode and the system is technically impossible to use for individual access to a single computer. We have never hacked into Gamma Group computers, much less at product demos, and downloaded their source code. We detect this company's products as a threat because they develop malware. And so on and so forth.

By the way, our “orcs” are very techies, so the title, to be honest, is not very good. If all this is removed, then what, in fact, will remain of Ilya Zhegulev's material?

[RBC News Agency, 01/26/2018, Kaspersky Lab responded to Meduza about the company's ties with the FSB" : Meduza journalist Ilya Zhegulev, answering RBC's question about whether, as Kaspersky Lab claims, the investigation based on one source, said that “the answer to this question actually affects the right to protection of sources.” “All the information is fully set out in the material,” he said. - Inset K.ru]

"Chekunov, of course, is a nit, but he had nothing to do with the KGB"

"The first half of the article, where what I know contains lies, fabrications and errors in every phrase"

The original of this material
© TJournal , 26.01.2018

Igor Ashmanov vs Meduza

Sergei Vasiliev

On January 22, the Meduza publication published an investigation into the connection between Kaspersky Lab and the Russian security forces. In a discussion of this article on Roem.ru, the current husband of Kaspersky's ex-wife, Igor Ashmanov, pointed out a number of blunders in both the Russian and English versions that were published by BuzzFeed.

These mistakes cast doubt on the entire investigation, although Ashmanov can no longer comment on what happened after 2011. About the Russian article, he wrote the following:

I asked Natalya about the alleged holiday. A complete lie. Almost every word.

- There are no “friends in the FSB” with whom he allegedly celebrates either. In general, he always tried to stay away from the FSB. He wanted to be a man of the world, in the 90s he planned to move to the West. His idol is Branson, he wants to be a Russian Branson , and not at all the FSB officer.

In fact, he was never an FSB officer. He graduated from the faculty of cryptography high school The KGB, Chekists from the operational faculties call such condescendingly “binomers” or “binoms.” Then for three years in the late 80s he worked as a programmer in the military unit of the Moscow Region (not in the KGB), then in 1991 he left for the commercial company KAMI.

Nikolai Grebennikov was not the "chief developer of antivirus", he never even was a developer. He worked in the virus analytics department. The guy is smart, yes, he got up quickly - but not a developer.

- “in particular, the former KGB officer Igor Chekunov” - Chekunov, of course, is a nit, but he had nothing to do with the KGB. He is a former cop, a police sergeant, as if with a law degree, but we (during the investigation of a corporate conspiracy) were unable to find that university and such a student.

- “Four days later, Ivan Kaspersky (all this time he was kept in handcuffs in the bath) came to free the special forces detachment.” - is also a lie. The word speznaz is used in American horror stories. It looks like it was written for them. In reality, he was looking for villains and freed the hostage MUR.

- “And the Kaspersky family withdrew the civil lawsuit against Ustimchuk for 120 million rubles, having received from him an apology and 10 thousand rubles in compensation for the wallet and phone, which Ivan missed after the kidnapping.” Most likely, an invention. There is no "Kaspersky family". There is a separate Kaspersky with a Chinese wife, there is my family. Natalya, of course, did not settle anything with the villain. And she didn't ask him for money. Kaspersky, too, most likely - because there is no civil lawsuit in the case (and there should be one). Maybe Casper wanted to blame, but changed his mind.

- “... In a conversation with Meduza, Kaspersky did not refute this information, saying only that “whatever our suspicions are, they cannot be sewn into the case.” Natalya did not talk to Meduza. For several years, the journalist could introduce himself as someone else, Natalya did not say anything to Meduza.

- “It was after the kidnapping that the influence of the security forces clan in the laboratory increased dramatically. “Kaspersky suddenly understood everything, changed course, canceled the IPO, kicked out American investors and most foreign tops” Fiction or deliberate lie. Natalia left in February 11, BEFORE the abduction. The year was confused, most likely on purpose. Natalya's exit with money - great luck that they managed to get rid of Casper and not lose the result of 15 years of work. It has nothing to do with the kidnapping. The Americans stayed in the company for exactly a year, they left at the same time in early February 2011, BEFORE the kidnapping, with horror, looking closely at Casper's muzzle, there was no need to “knock them out”. They saved the money - and okay. It was the fact that the kidnapping took place after Natalya left that made us wonder - what was the purpose. The attack was not on Kaspersky, we are sure of that. But he fell through anyway, so we never found out the real demands of the organizers.

Igor Ashmanov

About English it is:

Well, in Basfeed there is even more kionism and lies. In particular:

- “Chekunov took the lead in coordinating the rescue operation.

Nonsense. The operation was led by Colonel Plekhotin, head of the department of the MUR, which is engaged in the search for hostages and the fight against human trafficking.

Chikunov did not appear at Petrovka-38 either, he came there once. He had nothing to do with the investigation - his people were preparing a bag with a ransom, which I had to carry to a meeting with the villains, this was their main contribution.

Well, here is this muck, thrown in with the obvious goal of scaring the Americans with “spetsnaz”:

- After four days, Russian special operations troops, known as Spetsnaz, came to Ivan's aid, freeing him from the handcuffs he'd been locked in since his capture.

The word is hyped, it was necessary to shove it to make it worse.

It is written that this former sergeant allegedly undertook, and organized the search and release. But the reality was that Chekunov persuaded us for a day NOT to contact the police, only by threatening that we would do it immediately ourselves, we forced him and Kaspersky to file an application.

internal struggle for control that pitted allies of the Russian secret service against “tech-savvy” staff and Western investors.

It's also nonsense, they pretend that "Western investors" fought against the Chekists. Because they are good. Yes, even with technicians. They didn't fight anyone. We spent a year and left.

Grebennikov attempted to coup the company years after these Western "investors" left.

There, even the dates cannot be reproduced normally:

Since its founding in 1998, Kaspersky Lab has grown into an international giant in computer security

The lab was founded in June 1997, just celebrated its 20th anniversary this summer. What kind of branded Western fact-checking is there.

In general, the newspapers always write the true truth, except in those cases when you yourself know what the matter is. But here it’s not just the newspaperman’s stupidity, but an ideological stuffing.

Igor Ashmanov

What Ashmanov believes is the main lie in the Buzzfeed article:

The main lie of the publication in Buzzfeed, in my opinion, is this one:

"""The system's capacity allows this e„ the former senior manager said. "You can easily search for, using the keywords, any files Mosc"nterested in with specific names.""

They essentially imply that LK has built a full-text indexer of texts (and files) on the user's computer. Moreover, hidden, running in the background. Google could not make a local search engine, closed it; Yandex could not, closed it. Microsoft did, slows down, indexes for a long time, not looking for everything.

And LK - was able, therefore, to make a super-search engine for hundreds of millions of users' computers, never in history being engaged in search engines.

Perhaps Bazfeed meant searching by filenames, but it seems that they are imposing the idea of ​​​​search keywords in the body of documents and other files. Directly from Moscow. On the computers of the NSA.

In principle, for people brought up on Hollywood films about hackers climbing into the screen and rushing there through multi-colored luminous tunnels, it will do.

Igor Ashmanov

Site ® - Registered trademark. St. No. 319929. 18+.

At the end of April 2014, Evgeny Kaspersky briefly appeared in his capital office on Leningradskoye Shosse. The head of Kaspersky Lab had, as always, a busy schedule: in January he opened a new office in London, then he was in Davos at the World Economic Forum, in February - in the Dominican Republic, Brazil and Chile, and in March - in Rome and Hanover . In Moscow, Kaspersky was faced with an important but extremely unpleasant task: he had to fire his successor, 36-year-old technical director and member of the Managing Board of the Laboratory, Nikolai Grebennikov.

When Grebennikov appeared on the threshold of the transparent “aquarium” cabinet with the sign “Eugene’s Escape”, Kaspersky, sitting at the table, nervously twisted a fountain pen in his hands. “You betrayed the company,” Grebennikov recalls his words. - And the revolutionaries have two ways: either the throne, or Siberia. You are going to Siberia!” On the same day, Kaspersky announced to top managers that the technical director, who had worked at the company for 11 years, was leaving. Almost simultaneously with Grebennikov, six Russian and foreign managers left the Laboratory, who, according to the owner, were "preparing a coup" - they were trying to take over the management of the company.

Unopened "parachute"

A little more than a year later, on June 5, 2015, Grebennikov left the hall of the Golovinsky District Court of Moscow, outright losing the lawsuit against Kaspersky Lab. The former technical director tried to get the company to pay compensation of 17.7 million rubles, but the court sided with his former employer.

Grebennikov lost not only money, but also new job in Sberbank, where for six months he was an adviser to the first deputy chairman of the board of Sberbank Lev Khasis on cybersecurity - in the midst of the process with Kaspersky, the bank did not renew his contract.

Now Grebennikov has decided to stop legal disputes with Laboratory and wrote a letter to Evgeny Kaspersky and top managers of the company full of sincere repentance: “I didn’t want to“ win ”anyone, but I wanted to“ survive ”in the conditions of confrontation that I imagined, and I made a deal with my conscience, deciding that the war is like a war. But apparently there was no war. Neither Kaspersky nor his deputies responded to this letter.

Grebennikov joined Laboratoria in 2003 as a systems analyst and quickly made his career. “Kolya is capable and very energetic. In addition to a quick mind and good technical knowledge, he had quite good managerial skills, ”recalls the former General Director of Laboratory, Natalya Kasperskaya. According to her, already in 2006, under the actual leadership of Grebennikov, the Department of Innovative Technologies (DIT) issued several serious developments (Kaspersky himself was the formal head of the department at that moment). “I thought that in three or four years he could become a great technical director. However, he became it much faster, ”Kasperskaya notes.

In 2007, after a quarrel with Evgeny Kaspersky, Natalya left the post of CEO, as compensation she was offered the chair of the board of directors and a controlling stake in the InfoWatch subsidiary. Kaspersky himself began to manage the company, Grebennikov was immediately appointed director of DIT, and a year later he became the technical director of the entire company.

By the beginning of 2009, the technical department, which was formed as a result of the merger of DIT and the product development department, consisted of 640 people. Grebennikov was then about 30 years old. “I think such a rapid rise is a serious test for any person,” says Kaspersky. “Such a rise gives rise to confidence in one’s omnipotence, the result of which in this case was that Nikolai decided: if he is such a cool techie, then he will deal with business.”

Operation Successor

In the summer of 2013, at an innovation summit in Prague, Kaspersky, according to Grebennikov, publicly introduced him as his successor as CEO. The founder of the "Laboratory" spent a lot of time on business trips and travels, it became necessary to transfer operational management to a reliable person. V different years such people were Natalya Kasperskaya, later - Evgeny Buyakin (executive director, left the company in December 2011).

“I got the feeling that Zhenya [Kaspersky] was promoting me,” Grebennikov recalls. “He said that we are doing great with R&D, but I still need to gain business experience.” The head of the "Laboratory" does not remember the official presentation, but confirms that "very many in the company, including Nikolai himself, understood that theoretically he was one of the most promising candidates for my position in the future."

By the end of 2013, Kaspersky Lab was one of the four largest antivirus companies in the world: its antivirus protected more than 300 million users in 200 countries. There were 2800 people in the state, offices were located in 30 countries of the world, revenue at the end of 2013 was $667 million.

However, there were no less problems: revenue growth slowed down at a catastrophic pace - from 40% in 2009 to 6% in 2013, sales almost did not grow. The arrival of the first third-party investor (the American fund General Atlantic in 2011 became the owner of 18.7% of the shares of Kaspersky Lab) turned into financial losses, a year later the company bought back its shares.

“The company was not as efficient as it could be,” Grebennikov notes. “Our affiliate network was able to sell only antivirus and was not able to sell more complex things. Attempts to discuss extremely low margins and serious steps to enter the corporate segment of the market went into the sand. Meanwhile, the plans were ambitious: at the end of 2014, "Laboratory" expected to receive revenue of $1 billion (in fact, $711 million came out).

Grebennikov recalls that Kaspersky own initiative added to him, in addition to the functions of R & D, the management of the entire mobile direction. In addition, the technical director himself asked to transfer the area of ​​​​protection against fraud that he had been promoting for a long time (Kaspersky notes that the decision was made collegially at the board of directors).

The expansion of the powers of the technical director could not but cause dissatisfaction with the commercial director Garry Kondakov, which over time, according to Grebennikov, resulted in a confrontation between developers and sellers. Kaspersky does not see this as a tragedy: confrontation between developers and vendors is a daily reality for any technology company. “This is a complex interaction, and finding a balance is very difficult. managerial task, because in the end it is necessary to combine almost opposite interests, ”he notes.

Kondakov was supported by executive director Andrei Tikhonov and head of the legal department Igor Chekunov. “Perhaps they did not like that my powers were expanding, they did not want to see me in the position of general director,” Grebennikov believes. For him, these were experienced and dangerous opponents. Chekunov is for Kaspersky not just a lawyer who "knows how to win court cases." Chekunov, a former police officer, oversees the company's department for investigating computer incidents, Kaspersky's personal security (he played a big role in the release of his kidnapped son), and is responsible for interaction with the Ministry of Internal Affairs and the FSB.

By the end of 2013, the relationship between Kaspersky and Grebennikov had changed dramatically. There were several incidents, the responsibility for which fell on the technical director. “Before, Evgeny and I always argued, discussed, and then he seemed to stop hearing me, saying that we only think about bonuses,” Grebennikov recalls. “Zhenya began to put all the problems in a piggy bank, it seemed that someone was warming him up.” Kaspersky did not respond to Grebennikov's letters, an attempt to improve relations with Garry Kondakov did not bring results.

At that moment, Grebennikov, who fell into disgrace, came to the aid of two people: Garry Cheng, Managing Director of the Laboratory for the Asia-Pacific Region, and Steve Orenberg, Managing Director for the countries of North and South America. A native of Hong Kong, Garry Cheng, according to former Laboratory employee Rustem Khairetdinov, is a very powerful lobbyist with connections not only in China, but throughout Southeast Asia. Cheng did not respond to Forbes questions.

In January, two days before the trip to Davos, Grebennikov flew to Cheng in China. He confirmed to the technical director that they wanted to remove him from the company, saying that he was like a bone in his throat - in the sense that he did not drink vodka, did not go to the bathhouse. Orenberg was of the same opinion. In addition, both did not develop relations with Kondakov and had their own proposals for optimizing the work of the company. Thus, the idea was born to tell Kaspersky about the company's problems and propose a plan for the development of the "Laboratory" until 2020 in the form of a presentation. The meeting was decided to be held a month later, in February 2014, in the Dominican Republic.

29th slide

Hard Rock Hotel, Punta Cana. “It’s hot all around, the ocean is noisy, palm trees rustle, the sun burns. But we do not pay attention to weather adversity. We are working! - Evgeny Kaspersky wrote in his post dated February 13, 2014. Here, at the very edge of the Dominican resort paradise, Kaspersky Lab hosted the IT Analyst Conference, the North American Partner Conference and the Global Security Assessor (SAS) Convention. On one of the days of the summit, Grebennikov invited Kaspersky to come into the hotel room.

“Zhenya entered the room and immediately tensed up,” Grebennikov recalls.

Eight people were waiting inside Kaspersky: in addition to the technical director, there were Cheng, Orenberg, the head of corporate marketing in the Milan office, John Malatesta, and several other managers - members of the company's governing board.

The meeting participants developed a presentation plan in advance, but everything went wrong. “Kaspersky took everything with hostility, he seemed to have missed our proposals,” Grebennikov recalls. The last slide in the presentation was slide 29, which showed the updated structure of the top management team, which was ready to take on the implementation of the plan. The position of executive director (COO) was introduced, which was occupied by Grebennikov, the rest of the top managers were subordinate to him, with the exception of Chekunov. Kaspersky remained CEO, President, Chairman of the Board of Directors and co-owner.

In the new scheme, the positions of two people changed: executive director Andrei Tikhonov was made an adviser, and Garry Kondakov was removed from the position of head of sales (Grebennikov says that both salesmen - Orenberg and Cheng - were categorically unwilling to work with Kondakov as head of sales in Europe, the Middle East and Africa), abolishing the position of Global Head of Sales. “It didn't sound like an ultimatum, it was an offer. Evgeny flew a lot, and the COO scheme worked well and was comfortable for him during the time of Evgeny Buyakin, this is the option we proposed, ”Grebennikov assures.

Whether or not to insert this slide into the presentation, the participants of the meeting discussed up to the last moment. But they decided that “in war, as in war: if you don’t shoot, they will shoot at you.” It so happened that the presentation turned out to be a crossbow. Kaspersky was left alone with Cheng and Orenberg and said he intended to fire Grebennikov. “Two days later we met at a party, Zhenya put his arm around me and said: what kind of nonsense have you come up with, revolutionaries,” says Grebennikov. But Cheng and Grebennikov, who spoke with Kaspersky after the presentation, were sure that "Casper had moved away." However, this was not the case.

Of the eight people who took part in the presentation, six were forced to leave the company: Grebennikov, Cheng, Orenberg, Malatesta and two Russian managers.

“Grebennikov was carried out by Chekunov, and with him five more rising stars,” assures one of former employees companies. Grebennikov does not agree with this assessment now: “The role of Chekunov is strongly demonized. In recent months, I am grateful to Igor for his support in an extremely difficult period of life.

The head of the "Laboratory" himself confirms that the conflict has been settled. “My main complaint against them is the form in which they did it,” Kaspersky told Forbes. “I admit that they could have had quite a good and honest motivation to change something in the life of the company for the better, but they chose completely unacceptable means.”

After leaving the "Laboratory" Grebennikov came to his senses for several months. “There was complete apathy. I thought my life was over,” admits the former technical director. But in September 2014, he was invited to work at Sberbank as an adviser to Lev Khasis on cybersecurity. Six months later, Grebennikov headed a subsidiary of the bank, which was engaged in the protection of ATMs. “We promoted the idea that the company could become a contractor for some fraud protection projects (cross-channel AntiFraud),” Grebennikov recalls. The idea found support from the management, an approximate budget had already been calculated, and it was defended at the competition committee.

At the same time, the former technical director tried to settle his financial issues with Kaspersky Lab: by agreement of the parties, by the end of December 2014, Grebennikov was supposed to receive 17.7 million rubles in compensation, but he never saw this money.

The company's lawyers argued that, by going to work at Sberbank, Grebennikov violated the clause of the agreement on the non-distribution of confidential information - we are talking about the presentation of business plans on cybersecurity issues.

In March 2015, the fixed-term contract at Sberbank with Grebennikov was not renegotiated. The source assures that Grebennikov was removed from Sberbank not without the intervention of top managers from Kaspersky Lab. “We certainly did not threaten him with anything,” Kaspersky notes. - We recommended Grebennikov as a very good specialist and gave him a good reference to Sberbank. I don't know all the details why he left there." Sberbank Forbes confirmed that there was a fixed-term employment contract between the bank and Grebennikov, which provided for the performance of certain work in a limited time. "All obligations under this employment contract were fulfilled by the parties in full. There was no need to continue further cooperation between the parties,” Sberbank representative Polina Trizonova told Forbes.

In June, Grebennikov lost a lawsuit against Kaspersky Lab in the court of first instance, but does not intend to appeal. In an interview with Forbes, he asks not to look for conspiracy theories in the events that took place, emphasizing that there were only two reasons for his speech in Punta Cana: the desire to optimize the work of the "Laboratory" and the fear of losing what he built in 11 years.

“The experience of his dismissal from Kaspersky Lab is extremely useful for him,” says Natalia Kasperskaya. - Yes, it hurts, but it sobers up and makes you calmly assess your capabilities. I also had a huge shock after breaking up with the "Laboratory". But now I'm independent and pretty successful business". Grebennikov is now busy developing a mobile game and assures that the project has dragged him in with his head.