01 Feb

Now-Secret Owner of Threatpost, Kasperky Lab, Apparently Fired Editor For Retweet of Article About Owner’s Ties to Russian Intelligence

One of the big roadblocks we see to improving the security of WordPress websites (as well website security and security more broadly) is the really poor state of security journalism. Among the many issues that have created that situation seems to be the ownership of security journalism outlets by security companies, seeing as good security journalism would at this time consist of a lot of critical coverage of the poor state of the security industry (to put it lightly) and for various reasons that is less likely to happen when security journalists work for security companies or may be working for them in the future.

One such outlet is the Threatpost, which was until October 2017 publicly owned by the Russian security company Kaspersky Lab (here is homepage on October 20, 2017 with the footer reading “The Kaspersky Lab Security News Service” and here is it on October 25, 2017 with that gone). Both before and after that happened the Threatpost was promoted as “an independent news site”, despite that seeming to not be an accurate description.

So what happened in October 2017 that might have led to the removal of any mention of Kaspersky Lab owning the Threatpost? As we mentioned before, it didn’t appear that this was due to them no longer being connected. There is something else that did happen in October 2017, described in May 2018 Motherboard article “Who’s Afraid of Kaspersky?” thusly:

Tensions between the US government and Kaspersky Lab were first reported in mid-2017, but they ratcheted up in October, when The New York Times and The Wall Street Journal dropped a bombshell. In 2015, Israeli government hackers broke into Kaspersky Lab servers, an incident the company acknowledged but downplayed by saying no sensitive data was stolen. But according to the new reports, the hackers watched in real-time as Russian spies used Kaspersky Lab’s antivirus to scan for classified and sensitive US government documents, and then stole some.

We came across that article when we went looking again to see if anyone else has discussed the ownership issue and the hiding of it. Buried a bit in the search results we found that article based on the following mention of the connection deep in to the article:

Eugene and the company were not happy about the story. So much so that Paul Roberts, then an editor of Threatpost, a cybersecurity blog fully funded by Kaspersky Lab, told me he was fired for retweeting the story from the publication’s official Twitter account. The order from Moscow, Roberts told me, was not to acknowledge or respond to the piece. (Eugene Kaspersky said that Threatpost is an “independent team” over which the company has “no editorial authority.”)

That seems to confirm that Kaspersky Lab continued to own the outlet post removal of the notice of that on the website.

If what is claimed there is true it makes the “independent” claim look even more ridiculous.

The story referenced in that quote was a Wired article “Russia’s Top Cyber Sleuth Foils US Spies, Helps Kremlin Pals“.

What else is mentioned about the Wired article seems fairly troubling as well:

Kaspersky, holding a glass of what looked like vodka, took a step back, paused, and grimaced. “You know,” he said, “I think Symantec paid for that article.” When I asked him again about this encounter for this article, Kaspersky said he did not remember that conversation, “but Symantec paying for an article to hurt us seems quite improbable to me.”

The Kaspersky referenced there is Eugene Kaspersky, the CEO of Kaspersky Lab. Having a security news outlet run by a security company with a view matching his first statement should raise serious questions about their journalism.

What is outside of our focus, though seems like it should be the focus of additional inquire is that you have a major US based security news outlet that is secretly owned by a Russian company that has ties to Russian intelligence claimed by the US government (other governments have similar concerns) that led to among other things, Twitter blocking them from advertising.