Russia has long cultivated the image of a tech power—able to offer an alternative to Silicon Valley and the big Western platforms. In today’s volatile world, the Kremlin is trying to weaponize its cyber expertise, turning digital tools into levers of geopolitical influence.
A Quiet Summit with Loud Implications
In late April 2024, St. Petersburg hosted a meeting that barely registered in Western capitals but raised eyebrows elsewhere. Nikolai Patrushev, the Kremlin’s longtime security chief, gathered intelligence and defense officials from Africa, Asia, Latin America, and the Middle East. The agenda sounded bland—“information sovereignty and security”—but the pitch was blunt: Russia could help foreign governments seize control of their digital ecosystems.
The presence of Sergey Naryshkin, head of Russia’s foreign intelligence service, signaled this wasn’t just tech talk. Patrushev invited attendees to tap into Russia’s leading cybersecurity firms, presenting them as shields against Western interference.
Invisible to Washington, Impossible to Ignore in the Global South
In the U.S. and Europe, the meeting barely made a ripple. Washington was consumed with passing a $60 billion aid package for Ukraine; Brussels was prepping another round of sanctions. But in Africa, Asia, and the Middle East, the Kremlin’s message landed. Representatives from Brazil, Sudan, Thailand, Uganda, the Arab League, and Russia’s traditional allies—China and Iran—showed up.
For many of them, the sales pitch was appealing. Moscow does have a strong cyber tradition, and in an era when Twitter uprisings and online-driven protests have toppled governments, the promise of a digital firewall sounded like a necessity. Their logic is simple: Western social platforms have fueled political unrest, while Russia offers itself as a partner capable of shutting that down.
Cold War 2.0, but Digital
The Kremlin has long treated Africa, the Middle East, parts of Asia, and Latin America as battlegrounds in a new Cold War. Cybertechnology is just the latest extension of Moscow’s toolbox—alongside military contractors like Wagner and cultural diplomacy through “Russian Houses,” which often double as soft-power outposts and intelligence hubs. Now, the digital sphere is being added to that arsenal.
In Washington and European capitals, the view is clear: Russian IT giants are deeply entwined with the security state. Back in 2021, the U.S. Treasury sanctioned Positive Technologies, calling it a “partner” of the FSB and GRU. In 2024, Kaspersky Lab was hit with allegations of cooperating with Russian intelligence. Germany, Italy, and Poland moved to restrict its software. Both companies denied the charges, but the pattern was unmistakable—Western governments see Russia’s cyber sector not as private enterprise but as an extension of state power.
What looks to Moscow like a digital empire in the making looks to the West like the frontline of a shadow war.
New Alliances, New Risks
Despite mounting pressure, Moscow is ramping up its outreach. Africa, Central Asia, and the Middle East have become key targets where Russian tech firms hunt for partners and contracts. For governments in these regions, cutting deals with Moscow looks pragmatic: the West has shown little appetite for investing in their digital defenses on equal terms, while Russia is offering turnkey solutions.
But there’s a darker flip side. Such agreements hand Russian intelligence agencies potential entry points—access to sensitive national data, expanded channels for espionage, and the ability to shape digital ecosystems from the inside. Analysts warn: in Kremlin hands, these deals are not just shields but weapons.
Moscow’s Cyber Expansion: A Quiet Threat and a New Web of Dependence
In recent months, Russia has pressed its cyber offensive with barely any pushback. The Trump administration, preoccupied with resetting foreign policy priorities and scaling back overseas cyber-intelligence operations, has largely taken its eye off Moscow’s digital maneuvers. That vacuum has given the Kremlin room to maneuver, tightening ties across Africa, Asia, and Latin America without serious interference from Washington. Left unchecked, this network of partnerships could do more than erode U.S. influence in the developing world—it could furnish Moscow with fresh capabilities for cyberwarfare against the West.
From Soviet Classrooms to Global Brands
Russia’s cyber industry grew out of two intersecting forces: the formidable Soviet tradition in mathematics and programming, and the collapse of the defense sector after the USSR’s fall. Highly trained engineers, suddenly unemployed, shifted into the emerging field of cybersecurity. Out of that churn came companies that managed to win global recognition.
The most famous, of course, is Kaspersky Lab. Founded in 1997, the company quickly became a heavyweight, offering antivirus programs and enterprise-grade protection systems. By 2010, Kaspersky researchers had uncovered Stuxnet—the first known cyberweapon designed to sabotage Iran’s nuclear program. That discovery cemented the brand’s reputation as one of the most skilled players in the business.
The Crimea Turn
For years, Russian firms looked westward. Kaspersky even set up its headquarters in London, signaling a willingness to play by international rules. But after 2014, when Moscow annexed Crimea, the pressure mounted. Allegations of Russian interference in the 2016 U.S. election only deepened suspicion.
In March 2017, U.S. intelligence agencies declared Kaspersky products unsafe. The Department of Homeland Security ordered the removal of its software from government systems, citing its deep access to user files. Later that year, The Wall Street Journal and The New York Times reported that Russian spies had stolen classified NSA material through a contractor’s computer running Kaspersky software. The company flatly denied it—“We have never and will never help any government in cyberespionage operations”—but the scandal shut it out of the American market.
Pivot to the Global South
Sanctions and suspicion forced a strategic pivot. The Kremlin began reorienting its cyber sector toward new markets. A milestone came in April 2024, at the St. Petersburg gathering where Patrushev showcased seven Russian heavyweights: Positive Technologies, Kaspersky Lab, the Cyberus Foundation, Angara Security, Code of Security, Security Vision, and Solar.
These firms build tools to defend against cyberattacks—whether from hacker collectives or hostile states. The catch is structural: their solutions demand the deepest possible access to a country’s digital systems. That, in turn, creates a new kind of dependence—one that puts Moscow inside the firewalls of its partners.
The Architecture of Dependence
For countries across the Global South, Russia’s cyber pitch looks like a ready-made fix: hardware, software, training, even legal frameworks. But in practice, it locks governments into structural dependence. Local security services and police forces rarely have the expertise to run these systems on their own. That leaves them tethered to Russian providers.
The outcome is predictable. Moscow gains privileged access to the digital security infrastructure of foreign states, embedding its influence well beyond traditional military or diplomatic channels. For the Kremlin, this isn’t just a business model—it’s a new form of control and intelligence-gathering.
What sets Russia’s cyber sector apart is its DNA. Its core talent pool comes from Soviet-era “closed” universities built for the military and the KGB. These institutions trained generations of specialists conditioned to work under strict secrecy. It’s no accident that Eugene Kaspersky himself studied at a KGB higher school. For Western observers, the line is clear: Putin is reviving a system where the boundaries between private business and the security state all but disappear.
While Kaspersky himself has avoided personal sanctions, a dozen of his top executives were blacklisted in the United States. The company denounced the move as “bizarre and unfair,” insisting its leadership operated independently from Russian intelligence. But doubts only deepened after a 2016 scandal, when the FSB arrested several senior cybersecurity figures—including a Kaspersky manager—on treason charges. To many experts, that episode sent a chilling message: in today’s Russia, loyalty to the state is no longer optional.
Sanctions and the Breaking Point
Washington doubled down under President Biden. The Treasury Department sanctioned both Positive Technologies and Kaspersky Lab, with European governments quickly following suit. Canada and the UK banned Kaspersky software in the public sector, while Germany and Italy issued warnings against its use even by private firms. By 2022, after Russia’s invasion of Ukraine, Italy’s national cybersecurity agency prohibited Russian protective software altogether—targeting Kaspersky, Positive Technologies, and Group-IB.
The companies pushed back. Positive Technologies dismissed the EU’s case as little more than punishment for holding an FSB license, stressing its business focus on Latin America, the Middle East, North Africa, Southeast Asia, India, China, and South Africa. Group-IB took a more radical step, splitting its international arm from its Russian headquarters in a bid to salvage global operations.
New Beachheads—from Cairo to Doha
But sanctions didn’t stop Moscow. If anything, they accelerated its pivot. The April 2024 meeting in St. Petersburg became a launchpad for a fresh expansion drive. By December, Positive Technologies had inked a distribution deal with Mideast Communication Systems in Cairo—a strategic foothold in Africa and the Middle East, particularly Egypt and Saudi Arabia. Riyadh was especially interested in the firm’s expertise against APT-style attacks—long-term, stealth intrusions often aimed at military and telecom networks. According to company figures, 88 percent of such attacks in 2024 targeted precisely those sectors in Saudi Arabia.
Equally telling was a June 2025 agreement between the Cyberus Foundation and Al-Adid Business, owned by Sheikh Suhaim bin Ahmed Al Thani, a member of Qatar’s ruling family. The partnership promises to create Cyberdom Qatar and Hackademy—institutions designed to train a new generation of cybersecurity professionals.
There’s no hard proof tying these initiatives directly to Russian intelligence. But the implications are obvious: such contracts hand Russian companies—and by extension, the Kremlin—expansive access to the digital infrastructure of strategically vital states.
Moscow’s Cyber Belt: From the CSTO to Africa
In April 2025, the Kremlin crossed a new threshold in institutionalizing its digital push. The Cyberus Foundation—Moscow’s spearhead for cyber strategy—signed an agreement with the Collective Security Treaty Organization (CSTO), the Russian-led military bloc that includes Armenia, Belarus, Kazakhstan, Kyrgyzstan, and Tajikistan. CSTO Secretary General Imangali Tasmagambetov cast the deal as a way to “strengthen member states’ coordination in countering cyberthreats and boost the region’s cyber resilience.” For Moscow, the message was clear: cyberspace is now to be treated as a collective defense domain on par with military security—and Russian firms are positioning themselves as the prime contractors for that mission.
Africa as a Testing Ground
But it’s Africa where Moscow has moved most aggressively. Kaspersky Lab signed a landmark agreement with Smart Africa—a coalition of 40 nations working toward the continent’s digital transformation. By February 2025, the company also joined the African Network of Cybersecurity Authorities, a new bloc designed to coordinate responses to cross-border digital threats. Together, these partnerships allow Kaspersky to brand itself not just as a vendor, but as the architect of Africa’s fledgling cybersecurity order.
For the Kremlin, such moves are long-term bets. Africa isn’t just another growth market—it’s a political springboard. By marketing “technological sovereignty” as an alternative to Western platforms, Moscow is weaving itself into the continent’s digital infrastructure and political calculus.
St. Petersburg Forum: The Showcase of a Doctrine
The St. Petersburg International Economic Forum in June 2025 became the stage for Russia’s cyber doctrine to take center spotlight. Among the star players were the companies on what’s become known as Patrushev’s shortlist. Yuri Maksimov, co-founder of Positive Technologies and the Cyberus Foundation, delivered what amounted to a manifesto for digital protectionism. States without “full technological independence,” he argued, must face the reality that without control over their cyberspace, they have no sovereignty.
That framing is no accident. By Kremlin logic, a vast swath of Africa, Asia, and the Middle East falls squarely into this vulnerable category—and Russia is eager to fill the vacuum.
The Spy Turned Champion of “Digital Sovereignty”
Backing Yuri Maksimov’s call for cyber independence was Andrei Bezrukov, now president of the Russian Association for the Export of Technological Sovereignty. In the United States, he’s better remembered under his alias, Donald Heathfield—the deep-cover agent from Moscow’s infamous “Illegals Program,” arrested in 2010 and later swapped back to Russia in a spy exchange. Since then, Bezrukov has reinvented himself as a Kremlin talking head on American affairs. Today, he’s cast as an “expert” in exporting digital sovereignty.
The symbolism couldn’t be clearer: a former spy who once posed as an American academic now markets Russia’s cyber strategy abroad, turning what used to be the clandestine work of Russian intelligence into a polished commercial product.
Control as a Service
At the core of Moscow’s strategy is a simple sales pitch: offer partners end-to-end solutions, from social media monitoring to building entire national cybersecurity systems. For governments nervous about “Twitter revolutions” or color uprisings, Russia looks less like a threat and more like a shield against the West.
And here lies the paradox. The prominent role of ex-spooks like Sergey Naryshkin or Andrei Bezrukov doesn’t scare off clients; it reassures them. In the eyes of many Global South elites, Russian cyber companies are the protectors standing between their fragile regimes and the destabilizing power of Western media and platforms—even if that protection comes bundled with Moscow’s backdoor into their most sensitive systems.
A Race Russia Could Win
What’s unfolding is a new arms race. Not about nukes or aircraft carriers, but about control over states’ digital ecosystems. And unlike in the past, Russia suddenly looks like a frontrunner.
The stakes are enormous. This isn’t just about which company gets to defend databases and networks across dozens of countries. It’s about shaping the next generation of cyber professionals who will decide what counts as a threat, and who counts as an enemy. That’s not technology—that’s ideology.
Since the early 2000s, Moscow has stretched the very definition of “information security.” In the Kremlin’s worldview, cyberthreats aren’t just malware or hackers. They include foreign media, social networks, bloggers—anyone spreading an inconvenient narrative. Beijing has adopted a similar line, and today a growing number of Global South governments are buying into it, framing digital threats through a political lens.
For Washington and Europe, the danger is obvious. By embedding itself in education programs and infrastructure projects, Russian firms may leave behind “backdoors” in their clients’ systems. Leaked NSA files have even outlined scenarios where Russian software could, in theory, give Moscow’s spies invisible access to critical infrastructure.
And yet, here’s the irony: the very sanctions Washington and its allies imposed to isolate Russia have ended up playing into Moscow’s hands. Shut out of the U.S. and European markets, Russian cyber firms pivoted to Africa, the Middle East, and South Asia—regions with looser regulations, friendlier governments, and massive demand for protection against “foreign meddling.”
Russia is playing the long game. Its intelligence services plan in decades, while the companies are simply the storefronts. The West, bogged down in the Ukraine war and domestic dysfunction, doesn’t always move fast enough to counter. If that inertia holds, Moscow could well come out ahead—not on battlefields, but on the invisible frontlines of the fight for control over the Global South’s digital future.