“Former FSB Colonel Sergei Mikhailov is facing treason changes [sic] in Moscow. But the investigation has revealed something truly unusual: Mikhailov’s past seems to be a legend.
On December 4 2016, the Federal Security Service (FSB) arrested Ruslan Stoyanov, the former head of Kaspersky Lab’s Computer Incident Investigation Department. On the same day, they also arrested three FSB officers: Colonel Sergey Mikhailov, his colleague Major Dmitry Dokuchaev, both senior officers of the 2nd Operational Management of FSB Information Security Center, as well as Georgy Fomchenkov. The four men are detained on charges of high treason (Art. 275 of the Russian Criminal Code).
(…) Sergey Mikhailov is a former FSB Colonel. Mikhailov was Chief of the 2nd Operational Management of FSB Information Security Center (ISC).
ARREST — On December 4, 2016, Mikhailov was detained at a board meeting — escorted out of the room with a bag thrown over his head.
LEGAL CHARGE — Sergey Mikhailov has been charged under Art. 275 of the Criminal Code (High treason). Mikhailov has always denied the charge of treason. He allegedly admitted passing information to a third-party but now denies this accusation as well.
CRIMES — Being accused of treason, the case is classified. It is not known exactly what crimes he is suspected of having committed. Here are some of the allegations that were reported in the Russian media.
CRIME A — Investigators believe that he was involved in a document theft from the Ministry of Defense. Defense Minister Sergei Shoygu personally initiated the investigation of the hackers.
CRIME B — According to Anikeev’s testimony, Mikhailov oversaw Shaltay-Boltay. The FSB senior officer supplied hackers with information regarding government dignitaries or officials. The hackers would then demand a ransom from these individual. In case of refusal, they would sell this information for bitcoins through Ukraine and published it on the web.
CRIME C — He is accused of leaking information to the U.S. intelligence community.
At this point, it seems likely that Mikhailov was passing information to Kaspersky Lab employee Ruslan Stoyanov and probably one more not yet named expert on computer security in exchange for money. Then, the information would be sold to intermediaries abroad, and eventually passed on to foreign intelligence services (probably but not necessarily the CIA). Russian media suggests that Colonel Mikhailov may have been selling information for at least seven years.