Licensed Russian IT company partners with Microsoft and IBM

On Thursday, the Treasury beat six Russian tech companies with sanctions to support the Kremlin intelligence agencies engaged in “dangerous and devastating cyberattacks.”

But its international footprint and partnerships with IT giants such as Microsoft and IBM stand out in only one of them.

Its company, Positive Technologies, has more than 2,000 customers in 30 countries, including major European banks Societe Generale and ING, Samsung, South Korea’s SK Telecom, and UK telecommunications giant BT.

According to the Treasury, its clients also include the FSB, the successor to the KGB, which “cultivates and hires criminal hackers” to carry out ransomware and phishing attacks. The United States said the large conference hosted by Positive Technologies would be “used as a recruitment event” by the FSB and the Russian military intelligence agency GRU.

GRU Agent is a swashbuckler of Russian intelligence. The agency has been accused of leading Operation Hack and Leak, which blocked the 2016 US presidential election in support of Donald Trump. The agent also carried out the most damaging cyberattack on record. It is a runaway 2017 NotPetya virus that has caused more than $ 10 billion in damage worldwide, including victims of shipping giant Maersk and pharmaceutical company Merck.

Karen Kazarian, CEO of the Internet Research Institute, backed by the software industry in Moscow, said she was unfamiliar with most Russian IT companies. Sanctions on thursday.. However, Positive Tech is well known in the industry at the annual HackDays conference, which takes place May 20-21 at hotels in Moscow.

Former CIA analyst Michael van Landingham praised the naming and sanctions of Russian IT companies that have supported and are known to have supported malicious government activities.

“Name a particular company can give incentives to educated and skilled Russians who may be able to get jobs elsewhere that do not support Russian national hacking. “He said.

Positive Tech’s specialty is to identify vulnerabilities in common software such as Microsoft’s Windows operating system. Intelligence agencies around the world rely on businesses on a regular basis, such as quietly sharing to hack enemy networks, rather than exposing them when they find a strong vulnerability.

The United States did not blame Positive Technologies for such actions, and the Treasury refused to answer questions about the company’s activities. Press release.

Also, Microsoft spokespersons do not discuss the business relationship between the company and Positive Tech. On that website Microsoft has named it one of over 80 security software providers that provide early access to vulnerability information so that customers can get patches quickly. IBM also lists Positive Technologies As a security partner, we provide our customers with one of our scanning tools.

IBM did not respond to a request for comment on Thursday. Neither was the other US tech companies HP and VMware listed as technology partners by Positive Technologies.

On its website, Positive Technologies lists Russia’s Ministry of Defense as one of its first major customers. It was two years old in 2004 and had only 11 employees. In 2018, we had more than 800 employees.

Russia’s largest business database lists the company’s CEO and founder, Yury Maximov. He is little known except after graduating from Moscow State University. The company did not answer questions sent to the press on its website.

The Positive Tech website boasts many achievements, including providing cybersecurity for the 2018 Russia-sponsored Soccer World Cup and publishing data on 30 high-risk vulnerabilities in the same year. I will. He said he opened his first international office in London in 2010 and his first US office in 2012.

The company may use Framingham, Massachusetts as the US location for news releases, but it is not recorded in city or state records as a company by that name. The office building with the address linked to the company is a coworking space that can be rented under flexible conditions of “one or more people”.

Market research firm IDC named Positive Technologies as one of the fastest growing companies in security and vulnerability management in 2012. That’s because it was so small at the time that global revenues increased nearly 82% year-on-year to $ 30 million. Almost all of that revenue came from vulnerability assessments. However, by 2015, the company’s global revenue had fallen by 37.6% to $ 26.5 million, eventually stopping company tracking, according to IDC.