Homepage / Technology / A White House cyber official called Russian review of Pentagon software 'problematic'
test Due Diligence Blog Digital Data Rooms for the Netherlands Board Room Apps Secure Board Management With Secure Board Portals What Happens at Board of Directors Meetings? Board Room Software Review How to Prepare Board Rooms for Effective Board Meetings Board Room Software Boosts Performance and Communication Selecting a Secure Data Room Review Local Data Room Service Review How to Find the Best Virtual Data Room Review What to Look for in a Data Room uk Provider Document Storage and Distribution Software Everything About VDRs Corporate Software Advantages How to Choose a Virtual Data Room Provider The Most Secure Way to Transfer Files How to Manage Online Board Meetings Benefits Virtual Data Room Solutions – Must-Haves for M&A and Due Diligence Best Data Room Functions for the Different Types of Industries How to Choose a VDR Software Provider How to Choose an Online Board Portal The Benefits of a Boardroom Review Board Room Online Solutions – How to Get the Most Out of Your Board Meetings Why You Need a Board Room How a Board Room Blog Can Transform Your Business Choosing the Best Board Room Format How to Have Productive and Engaging Board Directors Meetings Choosing the Right Virtual Data Room How to Keep Safe Documents Storage Teaching Kids About Online Safety Avoid Costly Mistakes With Free Data Room Services Corporate Virtual Data Secure Online Data Rooms Solutions How to Keep Share, Edit and Delete Your Data Safe Virtual Data Room Software Secrets for M&A Due Diligence What to Look For in Boardroom Providers Board of Directors Blog Posts How to Deliver Value at Your Board Meetings How to Have Effective Board Meetings Responsibilities of Board Members Deal Management – How to Effectively Manage a Complex Sales Pipeline Data Rooms For Mergers And Acquisitions How to Have a Successful Board Room Meeting Choosing a Board Room Service Provider What is a Board Room Service? Board Room Software Review – Choosing the Best Portal for Mother Board Meetings Why a Board Room Providers Review Is Important What Is a Board Room Review? Venture Software for VC Firms What Is an Assessment Report? The Importance of a Tech Audit Popular Business Applications What to Look For in a Data Room App What Are Business Applications? How to Choose a Virtual Data Room How to Plan a Data Room Review Coronavirus Guide What is a Virtual Data Room? What Is Data Science? What Is an Operating System? Turbotax Small Business Review How Online VDRs Are Used in M&A Deals Why Choose VDR Software? The Power of Business Software The Benefits of a Software Board Online Data Room Review The Importance of Tech Knowledge Improving Accuracy of Financial Data Online Business Records – How to Keep Your Online Business Records Accurate and Secure What is a Board Portal De? DealRoom Review – A Review of VDR Software M&A Due Diligence for Private Companies The Virtual Data Room Review Why Companies Use a Data Room Review to Facilitate M&A Transactions The Best File Sharing Services How Online VDRs Are Used in M&A Deals Best Virtual Data Room How to Choose a Best Board Room Provider Choosing a Data Room for Due Diligence What Is a Data Room Business Software? Best Data Room Providers Review Data Room Providers Review Mostbet Tr Resmî Web Sitesinde Giriş Ve Kayıt Olm Kumar Oynamak Için En Iyi Yerdir The Benefits of Cloud Data Services for Enterprises Online Data Room and SSL How to Build a Diverse Board of Directors Best Virtual Data Review A Data Room Service Review How Runn Makes Project Data Accessible, Accurate and Shareable Five Pillars of Information Protection The Importance of Online Business Reports Benefits of Colocation Services Virtual Data Rooms Guide Choosing a Business Virtual Data Room Choosing the Right VDR Service Review How to Conduct a Virtual Data Room Review Glory Online Casino Türkiye En Iyi Oyunları Ve Bahisleri Olan Kumarhane

Technology

A White House cyber official called Russian review of Pentagon software 'problematic'

Written by finanster
on October 3, 2017
Leave a comment

Allowing foreign governments to require reviews of software secrets of technology products built by U.S. companies is “problematic,” the top White House cyber security official said on Tuesday, adding that the increasingly common arrangements presented both security and intellectual property risks.

Rob Joyce, the White House cyber security coordinator, said that letting countries inspect source code, the closely guarded internal instructions of software, as a condition for entry into foreign markets was a protectionist effort by certain regimes that threatened a “free and open internet” and could “hobble” a product’s security and privacy features.

Reuters on Monday reported that Hewlett Packard Enterprise last year allowed a Russian defense agency to review the inner workings of cyber defense software known as ArcSight that is used by the Pentagon to guard its computer networks.

Cyber security experts, former U.S. intelligence officials and former ArcSight employees said the practice could help Moscow discover weaknesses in the software, potentially helping attackers to blind the U.S. military to a cyber attack.

“There are security aspects of those disclosures (and) they are problematic,” Joyce, a former hacker at the U.S. National Security Agency, said at a Washington Post Cybersecurity Summit when asked specifically about the story.

He added that he was more concerned about the intellectual property risks associated with the reviews, however.

“If you give your source code to China as a condition of entering into that market, you’ve got to wonder if competitors are then going to start to adopt those features,” Joyce said at the event, which was sponsored by HPE. “And we’ve seen some examples of that in the past and that really concerns us.”

Asked about Joyce’s comments, an HPE spokeswoman said the company “has never and will never take actions that compromise the security of our products or the operations of our customers.”

The company said the reviews have taken place for years and are conducted by a Russian testing company at an HPE research and development center outside of Russia, where the software maker closely supervises the process, and that no code is allowed to leave the premises.

HPE has said the inspection process was necessary to obtain certification from Russia’s Federal Service for Technical and Export Control (FSTEC), a defense agency tasked with countering cyber espionage, in order to sell software in Russia. The review of ArcSight’s code was conducted by Echelon, a company with close ties to the Russian military, on behalf of FSTEC, according to Russian regulatory records and interviews with people with direct knowledge of the issue.

British tech company Micro Focus International Plc, which purchased ArcSight from HPE last year in a transaction completed in September, did not respond when asked about Joyce’s remarks. Micro Focus has not responded to requests for comment on whether it would allow Russia to do similar source code reviews in the future.

Russia in recent years has stepped up demands for source code reviews as a requirement for doing business in the country, Reuters reported in June.

China in May adopted a new cyber security law that western companies have criticized for requiring overly strict data surveillance and storage requirements. The law has raised concern that companies will need to choose between compromising security to protect business and losing out on the enormous Chinese market.

“The idea that you can’t enter Chinas market without offering up your intellectual property in this way, without agreeing maybe to hobble some of the security and privacy features of it … Russia is heading that way, a bunch of totalitarian regimes are heading that way,” Joyce said.

Source: Tech CNBC
A White House cyber official called Russian review of Pentagon software 'problematic'

Comments are closed.