The Treasury Department applied sanctions to six Russian technology companies on Thursday. The sanctions were due to the companies’ alleged support of Kremlin intelligence agencies engaged in “dangerous and disruptive cyber attacks.”
Of those six companies, one of them – Positive Technologies – stands out due to partnerships with IBM and Microsoft. The company has over 2,000 customers in 30 countries, including European banks such as Societ Generale and British telecommunications powerhouse BT.
The company also counts the FSB as a client. The FSB is the successor to the KGB that “cultivates and co-opts criminal hackers” to conduct cybercrime, according to the Treasury Department. The Department claims conventions hosted by the company serve as recruitment events for the FSB and GRU, the Russian intelligence agency.
The GRU has been at the heart of many controversies, including spearheading the hack-and-leak operation against the 2016 presidential election. GRU agents are also responsible for the most damaging cyberattack in history, the NotPetya virus that caused over $10 billion in global damages.
Positive Tech is known for several events, including the annual Hack Days conference in May. Positive Tech specializes in finding vulnerabilities in popular software including the Windows Operating System. Intelligence agencies urge companies like this to disclose such vulnerabilities privately instead of sharing them publicly where they can be exploited.
The U.S stopped short of accusing Positive Technology of this sort of activity and declined to comment further about Positive Tech’s activities.
Microsoft hasn’t answered questions about the business relationship with Positive Tech but confirmed it would obey the rules of the sanction. Spokespeople for the company also said that Positive Tech would be removed from a list of security software providers that Microsoft gives early access to vulnerability information on so companies can produce patches quicker. IBM also has Positive Technologies listed as a security partner.
IBM didn’t offer any comments about the sanction, nor did other HP and VMWare, who also list Positive Technologies as a technology partner.