Western Tech Companies Feel Pressure, Bow to Demands by Russia
Western tech firms including IBM, SAP and Cisco, have acceded the demands by Moscow to gain access to product security secrets that have been closely guarded, during a time when the Russian government has been accused of several cyberattacks across the West.
Russian authorities have asked tech companies from the West to grant them the right to review the source code for products that provide security such as anti-virus apps, software that included encryption and firewalls before allowing the products to be imported then sold in their country.
The requests since 2014 have increased and are done to ensure international spy agencies are not hiding backdoors that would give them the ability to burrow into systems in Russia.
However, the inspections also give the Russians the opportunity to find any vulnerability in the source code of the products, said both former and current U.S. officials as well as experts in security. The source code is instructions that control operations of different computer equipment.
While many firms from the U.S. say they have decided to allow this to preserve their presence in the huge tech market in Russia, one U.S. company Symantec, said it had stopped being cooperative with the reviews of source codes due to security concerns.
Symantec said the lab that was one inspecting its company’s product was not sufficiently independent enough from the government of Russia.
Officials from the U.S. said they warned companies about risks involved in allowing officials from Russia to review the source code of products, out of fears it might be used during cyberattacks.
However they say there is no legal authority to end the practice unless technology has restricted military apps or is a violation U.S. sanctions.
Looking at this from the company’s point of view, they said they have received a great deal of pressure to accept the demand from regulators in Russia or risk having their doors shuttered and being on the outside looking in at a lucrative tech market.
The companies have said they only allow a review by Russia of their source code inside secure facilities that are made to prevent codes from being altered or copied.
The demands have come from the Federal Security Service of Russia, which the government of the U.S. says took part in a 2016 presidential campaign cyberattack of Hillary Clinton as well as a hack in 2014 of Yahoo that included 500 million email accounts.