19

In this article, McClatchy DC bureau claims that one of the certificates the Kaspersky Lab received from Russian FSB/KGB reveals that the entire Kaspersky Lab joint-stock company is actually a FSB military unit #43753.

Kaspersky Lab is a company that develops antivirus software, available worldwide at retail and online shops.

McClatchy's scan

So, the question: Is Kaspersky Lab a military unit?

Be Brave Be Like Ukraine
  • 2,329
  • 2
  • 21
  • 30
  • 4
    All else aside, the FSB isn't military, and thus doesn't possess any military "units"? Military intelligence would be GRU. The assertion that FSB is military seems ignorant. –  Jul 17 '17 at 09:31
  • 1
    @inappropriateCode Aren't border guards and coast guard under FSB? If we're being sufficiently unprecise, they might be referred to as "military". – AndrejaKo Jul 17 '17 at 10:44
  • 4
    @AndrejaKo I don't know. Though upon further inspection, apparently FSB are legally considered a military service. So my initial thought was incorrect. –  Jul 17 '17 at 10:50
  • Have you ever tried uninstalling their software? I work in IT and after 3 weeks of trying I have decided to just buy a new PC! – Code Gorilla Jul 18 '17 at 11:38

1 Answers1

25

While there's no proof, this seems like an incorrect assertion.

  1. Based on the wording, this most likely seems like either a typo (or simply a rather grammatically-challenged typist); or simply two independent targets to give certificate to (probably, the vendor and the asking unit).

    • The latter appears to have evidence backing it up by a series of similar certificates, both covering two entities but NOT always Unit 43753), linked in a comment by @Joker_vD below.

    • If it's the former case (wrong wording):

      The document structure seems to be "Issued <<BY XXX>> <<TO YYY>>" - where "By XXX" is the FSB Unit 43753 and "To YYY" is Kaspersky lab.

      Except that whoever typed it, typed "войсковой части 43753" (which is a wrong inclination) instead of "войсковой частью 43753" (the latter is "by whom" the former is "to whom").

      Based on the rest of the evidence presented below; the hypothesis that this is a (more likely) two recipients or (less likely) a grammar issue, as opposed to an accidental leak, is more likely.

  2. There appear to be evidence of similar certification of other antivirus products, here's one for "Dr. Web" issued several years ago:

    (in all fairness, this could have been a clever photoshop to remove suspicion from Kaspersky... but in that case the original image could be a clever photoshop to cast suspicion on Kaspersky... so let's not assume photoshopping either way or the question becomes meaningless).

    Note that this other certificate:

    • Is dated couple of years yearlier (and version of software matches the date roughly).

    • Is in color whereas the one OP included is black/white.

    • Is a much better quality scan.

    It'd be quite hard to photoshop this one from OP's Kaspersky one (or vice versa, really).

    enter image description here

    More importantly, there seems to exist a series of similar certificates, both covering two entities but NOT always Unit 43753, linked in a comment by @Joker_vD below.

  3. Unit 43753 appears like a big spender.

    It issued a whole boatload of tenders, both the amount and specific tenders match up with a possible NSA-like unit (e.g. people in charge of signals intelligence).

    Here's a sample tender from that DB for 2017:

    Поставка специального программного обеспечения для проведения анализа информации, хранящейся в мобильных устройствах (Delivery of special software for analysis of information stored in mobile devices)

  4. There's a large trail of e-documentation for 'ФГКУ "ВОЙСКОВАЯ ЧАСТЬ 43753"'

    The profile definitely does NOT match Kaspersky labs... but would match sigint part of FSB. Contract list.

  1. Also, while not a proof, but seriously, can a military unit be a Limited Liability Corporation (which Dr Web is) or closed joint-stock company (which is what Kaspersky Labs is)? Doesn't make almost any sense in any state I can think of, least of all Russian FSB.
user5341
  • 31,075
  • 8
  • 130
  • 178
  • 4
    I don't think that "войсковой части 43753" is typo or even grammar error and that it should be "войсковой частью". Certificates are issued by the Communication sercurity center of FSB which is not _military unit 43753_. – Common Guy Jul 17 '17 at 08:54
  • 2
    V.S.Gorbachev's signature looks marginally different in the two scans, as one might expect if these were similar certificates signed at different times by the same person – Henry Jul 17 '17 at 12:14
  • 3
    As to your last comment (#5), it's quite common for intelligence agencies to set up front companies to acquire goods and services from outside agents (iow, contractors, foreign companies) without doing so openly, the outsider would not know he's working for an intelligence agency. In fact the KGB is known to have done this regularly to get their hands on western technology under embargo for sale to the USSR. So the point is invalid, though I agree the initial assumption that Kaspersky is a military operation is not proven by the document. – jwenting Jul 17 '17 at 13:01
  • 2
    @jwenting - yes but you don't release covert front company's internal military designation, if you create one. Considering their sloppy CI, I would expect that of NSA. Not of FSB. – user5341 Jul 17 '17 at 13:05
  • 1
    @user5341it could have been released inadvertently of course, or hacked by Hillary in retaliation of them hacking the US elections :-) – jwenting Jul 17 '17 at 13:09
  • 5
    This certificate is given out to two entities: to the military unit and to the Kaspersky's Lab. One of them is the applicant, the other is the manufacturer. See for example another such cert: https://security.ru/images/licence/sf121-2120_original.jpg?adfasdf , http://media.kaspersky.com/ru/documents/fsb_2988_KES8mac.pdf , http://media.kaspersky.com/ru/about/certificates/gos/fsb_cert_kav60-2007.jpg , http://media.kaspersky.com/ru/about/certificates/gos/fsb-Proxy-019-2259.jpg . No idea why it's given out to two entities, but that's how it is. – Joker_vD Jul 17 '17 at 13:52
  • 1
    @Joker_vD - that'd make sense (someone in government would ask for a product to be certified) – user5341 Jul 17 '17 at 14:32