Do you all remember "grayfish?"
https://binsecurity.wordpress.com/2017/02/09/equation-groups-grayfish/
This was a major cyber security issue a few years ago. Kaspersky was the group who found it. Interestingly, it was also right before Q kicked off that POTUS banned use of Kaspersky on government systems.
https://www.washingtonpost.com/world/national-security/us-to-ban-use-of-kaspersky-software-in-federal-agencies-amid-concerns-of-russian-espionage/2017/09/13/36b717d0-989e-11e7-82e4-f1076f6d6152_story.html
I thought the claim that they were being used for espionage to be rather specious, as communicating with Kaspersky's servers is exactly what the program is supposed to do (among other things). It sounded more like an action in search of a justification.
When we got Q, I then realized that we were likely looking at Kaspersky being banned because that software will not give the CIA and NSA's tools any mercy when they find them. "Wolfcreek/Grayfish" were already compromised - either by legitimate action from Russia, or assistance from the CIA (Snowden - why Russia?).