HP Enterprise Accused Of Letting Russia Examine US ArcSight Military Defense System Source Code
Hewlett Packard Enterprise (HPE) allowed a Russian defense agency to comb over the source code of cyber defense software used by the Pentagon to secure its computer network from cyber attacks. It is said this was done as part of an attempt by HPE to gain the necessary certifications to see sell similar software in the former Soviet Union in the private sector.
The software, called ArcSight, is a central piece of cyber security for many parts of the US military, including the Army, Air Force, and Navy. It alerts authorities of suspected attempts of cyber espionage, picking up on suspicious activity such as multiple failed login attempts and other things that could point towards a possible cyber attack. If Russian actors were allowed to look over the source code, they could potentially uncover weaknesses in the software that could be exploited.
"It's a huge vulnerability," Greg Martin, a former security architect for ArcSight, told Reuters. "You are definitely giving inner access and potential exploits to an adversary."
On the bright side, the review process does not seem to have led to any hacks or acts of cyber espionage. However, that is not to say they will never happen.
The review took place last year, according to Russian regulatory records and interviews with people who supposedly have knowledge of the situation. It is the same time period in which the Pentagon was accusing Russia of an increasing number of cyber attacks against American companies, politicians, and government agencies (all of which Russia has repeatedly denied).
According to HP, no "backdoor vulnerabilities" were discovered in the review. HP also said that it allows Russian government-accredited testing companies to review the inner workings of its software to obtain defense certifications that are needed to sell products to Russia's public sector. These reviews take place at an HPE research and development center outside of Russia and are closely supervised. Russia's supposed interest is to make sure that US intelligence agencies have not placed any spyware into utilities that get sold to the public.
There are varying opinions on how serious a matter this is, or might become. HPE calls questions about potential vulnerabilities "hypothetical and speculative in nature." Some security analysts add that reviewing the source code would not in and of itself be enough allow hackers easy entry into military systems, as there are a number of other safeguards.
On the other hand, Allen Pomeroy, a former ArcSight employee who helped customers by cyber security systems, said that discovering and exploiting vulnerabilities in the software could make it incapable of detecting when the military's network was under attack.
Thumbnail Image Source: Flickr (Don DeBold)
The software, called ArcSight, is a central piece of cyber security for many parts of the US military, including the Army, Air Force, and Navy. It alerts authorities of suspected attempts of cyber espionage, picking up on suspicious activity such as multiple failed login attempts and other things that could point towards a possible cyber attack. If Russian actors were allowed to look over the source code, they could potentially uncover weaknesses in the software that could be exploited.
"It's a huge vulnerability," Greg Martin, a former security architect for ArcSight, told Reuters. "You are definitely giving inner access and potential exploits to an adversary."
On the bright side, the review process does not seem to have led to any hacks or acts of cyber espionage. However, that is not to say they will never happen.
The review took place last year, according to Russian regulatory records and interviews with people who supposedly have knowledge of the situation. It is the same time period in which the Pentagon was accusing Russia of an increasing number of cyber attacks against American companies, politicians, and government agencies (all of which Russia has repeatedly denied).
According to HP, no "backdoor vulnerabilities" were discovered in the review. HP also said that it allows Russian government-accredited testing companies to review the inner workings of its software to obtain defense certifications that are needed to sell products to Russia's public sector. These reviews take place at an HPE research and development center outside of Russia and are closely supervised. Russia's supposed interest is to make sure that US intelligence agencies have not placed any spyware into utilities that get sold to the public.
There are varying opinions on how serious a matter this is, or might become. HPE calls questions about potential vulnerabilities "hypothetical and speculative in nature." Some security analysts add that reviewing the source code would not in and of itself be enough allow hackers easy entry into military systems, as there are a number of other safeguards.
On the other hand, Allen Pomeroy, a former ArcSight employee who helped customers by cyber security systems, said that discovering and exploiting vulnerabilities in the software could make it incapable of detecting when the military's network was under attack.
Thumbnail Image Source: Flickr (Don DeBold)
