The $1 billion Russian cyber company that the US says hacks for Moscow

The article provides an in-depth look at the Russian cybersecurity company Positive, valued at $1 billion, which has been sanctioned by the U.S. for its involvement with Russian intelligence agencies. This action was part of a broader U.S. response to what President Joe Biden has declared as a national emergency posed by Moscow’s malign activities.

Despite Positive’s public facade as a typical cybersecurity firm that conducts cutting-edge research and uncovers vulnerabilities, U.S. intelligence has privately assessed that the company plays a crucial role in enhancing Russia’s cyber capabilities. This includes developing offensive hacking tools and operations specifically tailored for Russian intelligence agencies, contributing to cyber campaigns that align with Russia’s geopolitical goals.

The company’s operations are not just limited to tool development; they also involve direct engagement in hacking activities that are considered illegal in Western countries. In contrast to American private military contractors who are under strict oversight, Positive operates with more autonomy as long as their activities serve the national interests of Russia. The U.S. views the relationship between such Russian companies and their government as complex and potentially coercive, with significant power imbalances and implicit threats against non-cooperation.

Positive’s most notable public engagement is its annual event, Positive Hack Days, which U.S. authorities describe as a recruiting platform for Russian intelligence services, particularly the FSB and GRU. The company, however, denies these allegations, maintaining that it reports all discovered vulnerabilities to software vendors without exception.

The sanctions against Positive are part of an ongoing conflict between Moscow and Washington, highlighted by incidents like the SolarWinds attack, which had significant implications for U.S. cybersecurity infrastructure. The U.S. government’s actions against Positive and other similar entities reflect a growing concern over the role of private companies in state-sponsored cyber activities and the broader landscape of international cybersecurity threats.