Home The Lodge

Another Selfless Act of Corporate Patriotism

George KGeorge K Super ModeratorPosts: 11,649 Senior Member
WASHINGTON/MOSCOW (Reuters) - Hewlett Packard Enterprise allowed a Russian defense agency to review the inner workings of cyber defense software used by the Pentagon to guard its computer networks, according to Russian regulatory records and interviews with people with direct knowledge of the issue.

The HPE system, called ArcSight, serves as a cybersecurity nerve center for much of the U.S. military, alerting analysts when it detects that computer systems may have come under attack. ArcSight is also widely used in the private sector.

The Russian review of ArcSight’s source code, the closely guarded internal instructions of the software, was part of HPE’s effort to win the certification required to sell the product to Russia’s public sector, according to the regulatory records seen by Reuters and confirmed by a company spokeswoman.

Six former U.S. intelligence officials, as well as former ArcSight employees and independent security experts, said the source code review could help Moscow discover weaknesses in the software, potentially helping attackers to blind the U.S. military to a cyber attack...

...The HPE spokeswoman said Reuters’ questions about the potential vulnerabilities were “hypothetical and speculative in nature.”

HPE declined to say whether it told the Pentagon of the Russian review, but said the company “always ensures our clients are kept informed of any developments that may affect them.”

A spokeswoman for the Pentagon’s Defense Information Systems Agency, which maintains the military’s networks, said HPE did not disclose the review to the U.S. agency. Military contracts do not specifically require vendors to divulge whether foreign nations have reviewed source code, the spokeswoman said.

The U.S. military agency itself did not require a source code review before purchasing ArcSight and generally does not place such requirements on tech companies for off-the-shelf software like ArcSight, the Pentagon spokeswoman said. Instead, DISA evaluates the security standards used by the vendors, she said...


http://www.reuters.com/article/us-usa-cyber-russia-hpe-specialreport/special-report-hp-enterprise-let-russia-scrutinize-cyberdefense-system-used-by-pentagon-idUSKCN1C716M
The GOP big tent now is the size of a pup tent, its floor splattered with guano.

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Emoji
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file
Magazine Cover

GET THE MAGAZINE Subscribe & Save

Temporary Price Reduction.

SUBSCRIBE NOW

Give a Gift   |   Subscriber Services

PREVIEW THIS MONTH'S ISSUE

GET THE NEWSLETTER Join the List and Never Miss a Thing.

Get the top Fly Fisherman stories delivered right to your inbox.

Advertisement