If you’ve spent any time in the cybersecurity sector, the chances are good that you’ve at least heard of Ilya Sachkov. As the founder of Group-IB, one of the top cybersecurity companies in Russia, he’s historically been something of a darling in the Russian cybersecurity sector. That’s why it was such a shock to learn that late last month, he’d been arrested on charges of treason.
Reuters reports that an unnamed source cited by Russian state news agency TASS claimed that Sachkov was accused of working with foreign intelligence services, resulting in direct harm to Russia’s national interests. Both Sachkov and Group-IB have denied the charges but offered no further comment. Group-IB’s offices were searched at the same time as Sachkov was arrested.
From where we’re standing, this arrest is concerning for multiple reasons.
First is the fact that Sachkov and his firm were known for working with some of the highest-security agencies in the world. And not just in Russia, where they provided their services to banks and Russia’s Ministry of Internal Affairs. With a focus on high-tech crimes and digital fraud, Group-IB was even known to work with Interpol, assisting them in bringing down cybercriminals around the world.
In addition to being known in the cybersecurity sector for founding Group-IB at only 17 years old, Sachkov also worked as a global commissioner for the Global Commission on the Stability of Cyberspace. It would therefore make little sense for Sachkov to put his reputation at risk by engaging in cyberespionage. That leaves two possibilities.
The first is that this is a misunderstanding. Perhaps whatever source fingered Sachkov as a bad actor was mistaken. Perhaps it was a rival looking to push Group-IB to the side.
Alternatively, it could be that as part of its operations, Group-IB ended up having to protect one of its clients from the actions of state-sponsored actors. Russia is one of the many nation-states suspected to engage in cyber espionage, with its black hats allegedly responsible for multiple major cyber incidents over the past several years.
Coupled with the fact that as reported by Tech Target’s Search Security blog, Group-IB relocated to Singapore in 2018 in an effort to expand its client base internationally, and a rather unpleasant picture begins to form.
It’s important to emphasize that this is all hearsay, mind you. We have no way of knowing what actually happened or what Sachkov actually did. But it’s not as though there’s no history of governments interfering in the operations of cybersecurity firms, particularly if they have a vested interest in any of the firm’s clients.
Ultimately, all we can do is hope that Sachkov’s treason charges, if they aren’t legitimate, are dropped — because otherwise, it could set a very troubling precedent.