Tech firms let Russia review software used by U.S. agencies
Technology giants SAP, Symantec and McAfee allowed a Russian defense agency to probe the source code of some of their products — the same ones used by at least a dozen federal agencies — in order to sell in the Russian market, Reuters reports.
Why it matters: Experts say this could jeopardize the security of government computers and networks by allowing Russian hackers to discover unknown vulnerabilities. The agencies that use these software products include the Pentagon, NASA, the State Department, the FBI and other intelligence units.
- In October, Reuters revealed that an HP software used in at least seven agencies had been reviewed by a Russian military contractor.
- In letter to Sen. Jeanne Sheehan, the Pentagon warned that source code reviews by countries like China and Russia could allow them to expose vulnerabilities.
- Reuters has not found any cases in which a source code review aided in a cyberattack, but both federal and private cyber experts have expressed concern.