Summary5 min read

Risky Bulletin: Russian Cyber Security Picked a Side

Podcast: Risky Bulletin
Host: Amberly Jack
Guest: Tom Uren (Policy and Intelligence Editor)
Date: August 21, 2025
Episode Theme:
A deep dive into the evolving relationships between Russian cybersecurity companies and the Russian government post-Ukraine invasion, as well as an exploration of Russia’s push for domestic messaging apps and the UK’s encryption policy stumble with Apple.

Main Theme Overview

This episode explores how geopolitical pressures have pushed Russian cybersecurity companies to align closely with the Russian government, the effectiveness and implications of Russia's forced migration to a state-backed messenger app, and the diplomatic tangle surrounding UK demands for access to encrypted Apple iCloud data. Tom Uren and Amberly Jack scrutinize trends showing the end of the era for truly global cybersecurity firms, the intersection of national interests and technology, and the real-world effects on citizens and privacy.

Key Discussion Points and Insights

1. Russian Cybersecurity Firms: Picking a Side

[00:41–08:13]

Core Focus: Examining Kaspersky, Positive Technologies, and Code Security—three Russian firms whose fortunes have shifted post-Ukraine invasion.
Western reactions: All three companies have been sanctioned by the US; Kaspersky has been banned outright in several countries.
Outcome for Russian companies: Despite sanctions and bans, these firms have experienced record profits.
- Tom: "It actually pays to pick sides. ... Prior to, I don't know, maybe 2020 or so, Kaspersky was a global company ... tried to isolate itself from being associated with the Russian government. ... But in fact, it's just adapted." [02:47]
Business Pivot:
- Western bans led these companies to successfully rebrand themselves as non-Western alternatives—attractive to nations wary of US/Western vendors.
- Kaspersky established overseas data centers, which, while met with skepticism in the West, functioned effectively as a marketing and business strategy.
Broader Trend: The increasing alignment of cybersecurity firms with their national governments.
- Tom: "It's a natural consequence of increasing competition that cybersecurity firms are drawn closer to their host countries. ... You’re not just a cybersecurity firm, you’re a Russian cybersecurity firm or a Chinese one or a US one." [07:27]
- The war in Ukraine has made these alignments glaringly clear and highlights an industry-wide, but seldom discussed, reality.

2. Russia Forcing Citizens Off Foreign Messenger Apps

[08:13–13:38]

Government Actions: Since early August, Russia has systematically degraded WhatsApp and Telegram’s voice/video call functionality.
Motivation: Explicit effort to push citizens to adopt Max—a new messenger app built by VK (state-controlled).
- Tom: "The Russian government has decided, well, we'll just guarantee success by making sure that nothing else works." [09:17]
Methods:
- Partial blocking (so far affecting calls, not texts—though full blocking is being considered).
- Pre-installing Max on all new devices.
- Mandating government communications migrate to Max.
Comparison with China: Unlike China’s more organic evolution with WeChat, Russia’s approach is direct government intervention—less carrot, more stick.
- Tom: "When you have the, ‘well, let’s just switch everything else off,’ that seems like a very powerful motivator to adopt this app." [12:14]
Impact on Citizens: Real hardship, particularly for elderly and remote citizens unfamiliar with new tech.
- Tom: "It’s hard to talk through with your grandparents how to install a particularly new app and get it working. They’re used to WhatsApp, that kind of story. Sad." [13:21]

3. UK’s Encryption Policy and the Apple iCloud Debacle

[13:38–18:50]

Background: In January, the UK issued a Technical Capability Notice to Apple demanding backdoor access to iCloud backups; the news broke publicly later, triggering global reactions.
- Tom: "The UK had issued a secret government order called the Technical Capability Notice. ... According to the reporting, 'Please provide us with the capability to access iCloud backups full stop.'" [14:13]
International Fallout: Outcry from US officials, including the Director of National Intelligence and even President Trump.
- Tom (paraphrasing officials): "This is, you know, like something you’d hear out of China." [15:58]
Resulting Policy Shift: The UK has apparently "backed down," but the compromise means Apple will not enable Advanced Data Protection (user-only key access) for UK citizens’ iCloud. US and other non-UK citizens remain unaffected.
- Tom: "Apple said ... for UK citizens, we’re going to essentially switch off advanced data protection. ... So that seems to me like maybe there’s just a compromise position." [17:41]
Conclusion: The incident is cast as a diplomatic blunder by the UK, with a compromise that protects US users but leaves UK citizens exposed.

Notable Quotes & Memorable Moments

On Russian cyber firm realignment:
- Tom: "It actually pays to pick sides ... you’re not just a cybersecurity firm, you’re a Russian cybersecurity firm or a Chinese one or a US one." [07:27]
On Russia’s heavy-handed push for Max:
- Tom: "The Russian government has decided, well, we'll just guarantee success by making sure that nothing else works." [09:17]
On encryption diplomacy failure:
- Tom: "I think the whole story is just kind of a failure of diplomacy... I think the UK probably stumbled into this without understanding the implications for the broader relationship." [18:27]
On the lived impact of Russia’s messenger clampdown:
- Tom: "It’s hard to talk through with your grandparents how to install a particularly new app and get it working. They’re used to WhatsApp, that kind of story. Sad." [13:21]

Timestamps for Key Segments

[00:41] – Russian cybersecurity firms’ alignment with Moscow post-invasion
[07:27] – Analysis of global versus national identity in cybersecurity firms
[08:44] – Russia’s forced migration to the Max messaging app
[13:21] – Real-world disruptions to Russian citizens
[13:59] – UK demands Apple provide backdoor access; international uproar
[17:41] – Policy compromise: advanced encryption withheld from UK citizens

Episode Summary

This episode dissects how geopolitics is fracturing the global cybersecurity landscape, driving firms to choose sides and align with home governments—especially true for Russian companies thriving under sanctions by rebranding themselves as anti-Western alternatives. It highlights Russia's forceful and rapid transition to a state-controlled messenger, stressing its impact on ordinary people and revealing the blunt tools of state digital policy. Finally, the hosts unpack the UK government’s failed maneuver to coerce Apple into compromising the privacy of all iCloud users, resulting in a lopsided outcome that angers privacy advocates and underscores the pitfalls of policy made without global consequences in mind.

Loading summary

Transcript18 lines

[00:05]
A
Hey, everyone, and welcome to Seriously Risky Business. This is our podcast all about cybersecurity policy and intelligence. My name is Amberly Jack, and in just a moment I'll be joined by Tom Uren, our policy and intelligence editor, to chat about the Seriously Risky Business newsletter from this week that you can, of course, read and subscribe to from our website, Risky Biz. First, though, I'd like to thank the William and Flora Hewlett foundation for supporting Tom's work and also Lawfare, who syndicate Tom's newsletter and publish it on the law firm media website. And finally, thanks to our corporate sponsor this week, Croll. So g', day, Tom. Thanks for joining me.
[00:40]
B
G', day, Amberly. How are you?
[00:42]
A
Oh, not too bad. And a couple of things I want to chat to you about today. You've got a few pieces in the newsletter, and the first one is you've touched on a report that looks at three Russian security companies and their relationship with the government, especially since the invasion of Ukraine in 2022. Reading your piece this morning, it seems, Tom, it turns out that those sort of strengthening ties with the government have paid off pretty well when it comes to choosing sides for these security firms.
[01:16]
B
Yeah. So the premise of the report is let's look at what's going on in the Russian private sector cyber environment and the way it approaches that is by looking at three particular companies. So they're Kaspersky, which is very well known, positive technologies that has been sanctioned by the US Prior to the prior to the invasion of Ukraine and so has some notoriety. It provides offensive and defensive services to the Russian government and other and other customers, and also code security, which is mostly, it seems like a defensive play. So network security, not involved in offensive activity at all, it appears. And the sort of idea of the report is let's look at these companies because they'll tell us more about the risks to, I guess, US and Western interests. Now, I think that's interesting. What I found most fascinating about the report is that these companies have actually done really well since the Russian invasion of Ukraine. And so the US has done taken some steps to try and I guess isolate or punish them in a way. So it's sanctioned each of these companies over time, like I said, positive technologies before the invasion of Ukraine and the other two afterwards. And it's also, when it comes to Kaspersky, it's basically booted it out of the country. And there've been a couple of other countries that have followed suit to some degree. But despite all that, all three of them They've had record profits in the last year. And to me, it seemed like the real message of the report is that it actually pays to pick sides. So prior to, I don't know, maybe 2020 or so, Kaspersky was a global company. It was trying to sell all over the world. And in a way, it tried to isolate itself from being associated with the Russian government. And it turns out that there's been this big controversy about the allegation is that Kaspersky was actually acting as a tool of the Russian government and that it was focusing its endpoint, security products to try and collect intelligence on US Programs. So that's obviously tremendously bad for business.
[03:59]
A
Well, you'd think so, right?
[04:01]
B
You would think so, right. But in fact, it's just adapted. And there's this sort of polarization dynamic, it seems, where if you align yourself strongly with the Russian government, you all of a sudden have a whole lot of potential friends who are skeptical of the US And US Companies. And so it's not. We're not in the global market, we're losing. It's. We're in a different kind of market where we have a different kind of marketing pitch. Where our pitch is, we're not the US and therefore you can trust us. Now, that dynamic also played out for Positive Technologies, which also has an international business. And their pitch, it seemed to me it was where a diversity play. So you may have a US Vendor, you may have an Israeli vendor, you may have a Chinese vendor. Why not have a Russian vendor as well? And that, in a way, isolates you from geopolitical risk, not isolates you, but it diversifies your geopolitical risk. So if all of a sudden your country is no longer friends with the US or with China or with Israel, whatever, there's. There's another place that you can have business with. And so these. These pitches have been successful for these companies. It speaks about how Kaspersky's done relatively well, expanding its mitigated concerns by setting up data centers overseas. Now, it's easy for us to be skeptical about all those fixes, but from a financial and a marketing point of view, they absolutely work.
[05:42]
A
Yeah, for sure. And it's. I mean, this is quite an interesting case study because obviously Russia's at war and tensions are high and the pressure's really on. But you also make the point in your newsletter, Tom, that this isn't a unique thing for Russia. Security firms working with government or having ties with government. That's kind of just a sign of the times.
[06:05]
B
Yeah, yeah. So thinking back and this, this report made me think back about how the, I guess the sort of positioning of firms changed over time. So maybe going back 10 years, you would think that, yes, there can be such a thing as a global cybersecurity firm. It only does cybersecurity, but it'll serve markets all over the world. And this report really made me think about when the chips are down, companies naturally get involved with their own governments, the people. I think both, there's both cultural like heritage and patriotic reasons that you would support your own nation, but also financial reasons. And that's because governments tend to be like, they can have very lucrative contracts. So there's reasons that you tend to move closer to your host government. And when there's geopolitical competition, when there's like, people talk about great power competition, it's natural that cybersecurity companies are intimately involved in governments because both cyber espionage, cybersecurity, and it's a way of projecting power. And so it's intimately connected to the interests of the state. So it seems to me it's a natural consequence of increasing competition that, that cybersecurity firms are drawn closer to their host countries. So now it seems like a natural state in a way that, yes, you're not just a cybersecurity firm, you're a Russian cybersecurity firm or a Chinese one or a US One. And the war is, I guess it sort of clarifies that. It makes it clear, it shines a spotlight on how much those interests align when the chips are really down and when the pressure's on. I think that's probably a reality that most people recognize now in the industry, but it's not talked about all that much.
[08:14]
A
So I want to move on to the next story. Tom, but sticking with Russia, and you've written today, I love the headline, actually, Russia is shooting the messengers. And you've written about how Russia is forcing its citizens off foreign messenger apps like WhatsApp and moving them towards the Russian national messenger Max, which is fairly new, but is very much being encouraged by the Russian government. So talk me through this one.
[08:45]
B
Yeah. So the story is that in the last, since the beginning of the month, there have been reports that WhatsApp and Telegram voice and video calls have of the service is not working very well. And it turns out that the reason is that the Russian government is just blocking it. So it's not blocking everything, but it's degrading service. And it's all part of a. I guess you'd call It a dastardly master plan to promote a particular app called Max. So I know you spoke about it on the main show a few weeks ago. It's intended to be an all in one app. It's relatively new. It's created by Russian company vk, which is effectively state control. So rather than relying on the market and, you know, building a really good app like the Russian government has decided, well, we'll just guarantee success by making sure that nothing else works. Now it turns out there's reporting that the degrading of voice and video calls is actually a compromise position. One of the steps that they considered taking was just blocking everything. Not just voice and video, but texts and all kinds of messages. Like, you know, the caring Russian government decided that that was just a step too far, but they haven't ruled it out. So I expect that when you've got that kind of stick as an option and you're prepared to use it, you have the political will to just block everything else. Well, of course the only messenger app left is going to be the one that you allow. And so there's no sign that the, that's going to dissuade them. Now the, you know, if you've got an app that does everything and you force your population onto it, I think that's a very nice position for the Russian government to be in from both the surveillance and information and propaganda control perspective. So they seem to have both motivation and I guess now they have the pieces in place and that there is an app that exists that they can, you know, in Silicon Valley parlance, they would take this minimum viable product and they would actually make it work well. Like, I guess for the Russian population, it'd be nice if it was a working app that was actually effective and did its job. But when you've got the stick of no other apps will work well, of course it's going to be a success. Air quotes.
[11:29]
A
When I first started looking into this a few weeks ago, and my first thought was when you compare it to something like China's WeChat, that was a long time ago that that was made and things were a bit different and it was maybe easier to kind of slowly integrate that into everyday life. So it became this everything app and it felt like now it would be a really hard time to bring something out and knock everything else out. But I guess if you just make nothing else work and you give no one else a choice.
[12:04]
B
Yeah, I think it's interesting that the way the Chinese apps developed was organically and it was organic because they were behind the great firewall. And so there was space for, I guess, Chinese domestic innovation. Whereas this is very much a government directed project, which, you know, I guess historically you'd be skeptical that government directed projects will work. But when you have the, well, let's just switch everything else off. That seems like a very powerful motivator to adopt this app. I mean, they're doing other things like pre installing it on all new devices and migrating government communications from things like Telegram to Macs. Like, those are pretty small carrots. I think the big stick is the most effective thing.
[12:53]
A
Yeah, absolutely. And in the meantime, this is having a very real impact on Russian citizens as well.
[13:01]
B
I refer to a story where from Meduza, which is a Russian, a media outlet focused on Russia. And it just collates all these stories of people whose lives has been disrupted in a real way because they can't contact. Typically it's elderly people or remote workers, people who've got no other choice. And when they've been cut off, you know, it's hard to talk through with your grandparents how to install a particularly new app and get it working. They're used to WhatsApp, that kind of story. Sad.
[13:39]
A
Yeah, for sure. And finally, Tom, over to the west now. And recent reporting this week has made it seem like the UK has kind of backed down on this demand that they made in January for Apple to provide a backdoor to allow them access to icloud data. But I'm a little confused as to exactly what's changed here. So can you tell me about it, Tom?
[14:00]
B
Yeah, so this story, I think it's just like from a UK government point of view, it's just a mess. And so the original reporting going back to February was that the UK had issued a secret government order called the Technical Capability Notice. And that notice went to Apple and it said, according to the reporting, please provide us with the capability to access icloud backups full stop. And so the reporting which came out in the Washington Post was the UK government's asking for access to backdoor access to anything anywhere in the world that's in icloud. So that's the report people complain, or I think rightfully say it's not a backdoor in the sense that for most people there already is access to icloud. So there's a service that will protect you from Apple and from law enforcement called Apple Advanced Data Protection. So ADP is not rolled out by default, but it makes the keys only available to the user. And so Apple would be locked out and therefore a law enforcement legal request would be locked out. So the UK government was essentially saying, just make sure that you don't roll this out too widely in a way that we can't get access. And so it's trying to hold the line or maintain the status quo. But anyway, the framing of that reporting got an immediate response from US government officials, including the Director of National Intelligence, Tulsi Gabbard. She spok about being greatly concerned. A number of US senators also agreed. In fact, President Trump said, you know, in an interview with the Spectator, said, this is, you know, like something you'd hear out of China. And so from a UK government point of view, this is a cluster. We don't want this. Things are a bit tricky with US UK relations. The last thing we want is for our lawful intercept capability, which is a nice to have. Like, that's a good thing to have to upset international relations with the us. So now the story is, Gabbard said that the UK had backed off and she used very specific wording which I think was interesting. The UK has agreed to drop its mandate for Apple to provide a backdoor that would enable access to the protected encrypted data of American citizens and encroached on our civil liberties. And so I think it's interesting that she's really carved off American citizens, like she doesn't care about other citizens, Australians, uk, whatever. And so that makes me wonder what's really going on. So there's other reporting where it talks about British officials saying the clash has been resolved, the issue was settled. One person described the us, the UK as having caved to US pressure. And another official said, we can't and we won't make Apple break its encryption. Now, that all sounds like at first reading, like a backdown. But what happened is that Apple said, okay, we're not going to comply entirely with the order, but for UK citizens, we're going to essentially switch off advanced data protection. So if you're in the UK, your iCloud backups can't be encrypted in the same way. They have other sorts of encryption, but not encryption that's protected from Apple having the key, essentially. And so that seems to me like, well, like maybe there's just a compromise position reached, which is effectively that, no, you don't get unencrypted or access to icloud backups for everyone, but you get access to icloud backups for UK people. Yeah. And that protects US citizens. Like, you know, whatever. You can do whatever with your your own citizens. So I think the whole story is, like, just kind of a failure of diplomacy. I think, like, I think the UK probably stumbled into this without understanding the implications for the broader relationship. So regardless of what the actual outcome is, I'm sure everyone's just happy it's over.
[18:50]
A
Yeah, 100%. Hey, Tom, we're going to leave it there, but thank you so much for joining me today, and I look forward to chatting to you again next week.
[18:59]
B
Like, thanks, Emily.