Meet the super-rich Czech tech company – and its Russian CEO – denying links to the massive SolarWinds hack
Maxim Shafirov looks grizzled, grumbling through a shaved muzzle at only getting two hours of sleep, hunched over his computer as snow falls behind him in a window that overlooks St. Petersburg in winter. The Russian native’s growl is understandable.
Shafirov is the CEO of Czech company JetBrains, which was arguably one of the biggest tech companies you had never heard of, until Wednesday, when reports cited government sources as saying it was doing the job. ‘under investigation for links to massive cyber attacks against U.S. government agencies and tech giants, via the hack of another low-profile IT vendor, SolarWinds, and dozens of its customers, including agencies federal. For millions of coders, the tools at the Prague-based company are invaluable, providing all kinds of software to make building apps that much easier. Founded in 2000, it boasts more than 10 million users in more than 213 countries. The company’s revenue for 2018, according to the latest results available for the private company, was $ 270 million, growing 33% year-over-year. Shafirov, in an optimistic moment in an interview with Forbes, says that despite the Covid-19 pandemic, its revenue growth last year was 10%, as the company suggested it could reach $ 400 million this year. The company was a so-called “unicorn” worth more than $ 1 billion, according to a spokesperson for JetBrains.
Few people outside of the tech world would have paid much attention to the business until the reports in the New York Times, Reuters and the the Wall Street newspaper indicated that those investigating what has become one of the most serious cyber espionage acts in recent memory are examining the possibility of JetBrains being involved. Reports suggest that JetBrains, or one of its applications, TeamCity, was hacked, which led to an infiltration at SolarWinds, which in turn compromised one of its own tools and used to hijack them. customer networks. Among the victims is the Justice Department, which yesterday revealed that 3% of its Office 365 emails had been compromised. He joined the Department of Energy, the Treasury, Microsoft, Cisco and various others who had been affected by the attacks, which the US government says appear to be of Russian origin. The Kremlin has denied responsibility.
However, the anonymous sources were unclear and Shafirov is baffled to be suddenly involved in the investigation. He has not been contacted by anyone in the US government, although Shafirov has said he would be happy to assist them with their investigations if they wish to contact. SolarWinds, who confirmed to be a user of the JetBrains tools, but said they had no evidence that their violation came from the Czech company. Shafirov says SolarWinds has not been in touch since he initially warned of his own compromise in December. He thinks the most likely scenario is that, if JetBrains tools were involved, hackers would find a way to gain access to one of the SolarWinds servers that TeamCity was running on. Its staff have found no evidence of a JetBrains violation or vulnerability in TeamCity, a tool that helps developers integrate code updates into their applications, but if anyone is aware of it a security issue, he wants to hear about it, saying Forbes he wishes to speak to any US agency involved in the SolarWinds hack investigation.
Shafirov has been frustrated by what he claims is an impossible request for the company to prove that she was not raped. “It’s not something we can prove that we are not hacked, how can you prove it?” And even if there was proof, it was word for word.
JetBrains has links to Russia. Shafirov is Russian, as are his three co-founders: Sergey Dmitriev, Eugene Belyaev and Valentin Kipiatkov. Three of its six research and development centers are also based in Russia, alongside its bases in Germany, the Netherlands, the United States and the Czech Republic.
Shafirov says his ties to Russia are a likely reason for suspicion surrounding his business, although he says he was never contacted by the government in his home country. “This will be a great article in terms of clicks, if you combine the Russian hackers and the hacked US government, and if you are able to find a particular Russian in this puzzle, it fits.”
If he were the victim of a cyber attack, it could have huge ramifications in almost any industry imaginable. For now, Shafirov says the company is examining its code for possible weaknesses and its servers for any signs of hacking.
But the damage to company confidence from yesterday’s stories could be significant, he admits. Customers have already been in touch to say they won’t use its tools until the reports are cleared up. He says the company is considering what steps to take to counter the media reports. “In our industry, this credibility that we have built is a very valuable asset … I think the impact [of the reports] it’s great. And we won’t leave it as it is, ”he adds. “The way people read [the stories], they can jump to conclusions very, very quickly. And of course that impacts our reputation in our business and I think we will take action.
When asked if these measures would involve lawyers, Shafirov declined to comment.