Russian cybersecurity expert charged with treason for sharing ‘secrets’ with US firms

Remember when Ruslan Stoyanov, a top cybercrime investigator for Kaspersky Lab, was arrested and charged with treason? It is now being reported that the treason charges were for allegedly passing state secrets to Verisign and other US companies.

An unnamed source told Reuters that the accusations of treason were first made in 2010 by Russian businessman and founder of the online payment firm ChronoPay, Pavel Vrublevsky. The December 2016 arrests of Stoyanov and two FSB officers, Sergei Mikhailov and Dmitry Dokuchayev, were in response to those 2010 claims that the men had passed secrets on to American companies.

“I can confirm we (Chronopay) expect to be part of this case,” Vrublevsky told Reuters. “In 2010 we provided the FSB and other important Russian agencies with evidence that at least one FSB employee, as well as several other people, were involved in treason.”

When he first made the allegations, Vrublevsky had been arrested and convicted for organizing a cyberattack on Chronopay’s competition, a rival online payment firm. He claims the charges against him were a result of information about his business practices which were “illegally leaked” by FSB officer Mikhailov to Stoyanov who had contacts with American firms like Verisign. Vrublevsky is now on parole and denied any wrongdoing.

Verisign denied that it received information that would be classified as “secret.” The company’s iDefense unit does compile dossiers on cybercrime for businesses and government agencies, but claims none of the information was classified. Former iDefense analyst Kimberly Zenz said, “Nothing like the arrangement as described by Pavel Vrublevsky ever took place.”

Verisign Vice President Joshua Ray also told Reuters that its reports to government agencies and other customers include information acquired in “unclassified ways;” he doesn’t believe any of the shared information included state secrets.

An unidentified source told Reuters that a fourth man, Georgy Fomchenkov, also had been arrested in the case. He is believed to be a former FSB officer.

When the news first hit of Stoyanov having been arrested for treason, Kaspersky Lab released the following statement:

The case against this employee does not involve Kaspersky Lab. The employee, who is Head of the Computer Incidents Teams, is under investigation for a period predating his employment at Kaspersky Lab. We do not possess details of the investigation.

The work of Kasperksy Lab’s Computer Incidents Investigation Team is unaffected by these developments. 

Why Russia would suddenly be interested in a seven-year-old case is not fully understood. Reuters’ source claimed that Russian authorities sometimes use “old cases as a way of charging people suspected of later crimes.” However, the timing also corresponded with the US accusing Russia of meddling in the presidential election.

Kaspersky’s former top cybercrime investigator, Stoyanov, as well as Fomchenkov and Mikhailov, had filed appeals. Reuters reported that the Moscow District Military Court, which often deals with “sensitive cases relating to state security,” rejected the appeals.

Hopefully something will turn around for Stoyanov, considering how much good he has done in exposing Russian cybercrime.