Security

Matryoshki of news: Tech giants flash code to Russia, Dutch hack Kremlin spies, and more

It's all kicking off

By Thomas Claburn in San Francisco

6 SHARE

Roundup Technology companies can't decide whether to take Russian money or run from it – not that they've ever been much good at turning down cash.

McAfee, SAP, and Symantec, which make software used by the US government, allowed Russian authorities to scan their source code for backdoors and other flaws, according to Reuters on Thursday, as has HPE.

Like China and other nations, the Russian government requires a look under the hood before it will consider spending cash on enterprise software as the applications could be compromised.

The fear is that foreign governments may stash backdoors in the code, effectively turning the apps into bugs – as in, spying bugs. Look no further than the US government, which refuses to run software from Moscow-based Kaspersky on its machines over concerns the antivirus tools can be abused to beam Uncle Sam's secrets to the Kremlin. Kaspersky denies any impropriety.

Knowing that Russian officials have potentially glimpsed exploitable security bugs in applications used by US government departments will freak out American officials.

This is, don't forget, the same Russian government implicated in the compromise of government agency networks, and the 2016 presidential election, in the US.

McAfee, SAP, and Symantec, along with Micro Focus which took over ArcSight, the HPE product audited, told Reuters that the code reviews were done under controlled conditions. No code was allowed to be copied, taken away, or altered by the Russians, we're told.

Evidently aware of the downsides, McAfee and Symantec are said to have stopped code reviews and Micro Focus is said to have limited them substantially. Research firm IDC last year put the value of the technology market in Russia at $18.4bn, so don't expect all cooperation between tech suppliers and the Kremlin to end.

Reuters noted it had no evidence of Russia exploiting any programming blunders found in the applications' source code.

Dutch government 'hacked' Putin's spies

Incidentally, when US intelligence agencies said they believed Russia to be behind election-related hacking and meddling, that conclusion was supported by information from AIVD, the Dutch intelligence service.

According to de Volkskrant, AIVD in 2014 had established surveillance on Cozy Bear, the Russian state hacking group, and observed its efforts to attack the US Democratic Party's email systems and American government servers.

AIVD was, we're told, able to compromise security cameras surrounding the building used by the Cozy Bear crew, to look out for known Russian spies entering the joint. The Euro snoops duly tipped off the FBI that something was afoot.

"Hackers from the Dutch intelligence service AIVD have provided the FBI with crucial information about Russian interference with the American elections," reports the Dutch daily newspaper.

"For years, AIVD had access to the infamous Russian hacker group Cozy Bear ... AIVD [became] witness to the Russian hackers harassing and penetrating the leaders of the Democratic Party, transferring thousands of emails and documents.

"It won't be the last time they alert their American counterparts. And yet, it will be months before the United States realize what this warning means: that with these hacks the Russians have interfered with the American elections. And the AIVD hackers have seen it happening before their very eyes."

Social media giants answer burning questions

Meanwhile, Facebook, Google, and Twitter on Thursday responded to questions from US Senate lawmakers looking into Russia spreading disinformation on social media to divide America during the 2016 White House race.

These companies, which sold ads to Russian buyers, some linked to the Kremlin, have been wrestling with how they can keep selling ads to allcomers without selling out US citizens in the process.

Asked whether it might consider requiring disclosures for bot accounts as a potential mitigation for social media manipulation, Sean Edgett, acting general counsel at Twitter, suggested too many false-positives would occur because so many tools can be used to automate posts.

"It is important to note, moreover, that not all automation is malicious," he said.

Facebook general counsel Colin Stretch meanwhile insisted it is closing holes in its ads system that allowed hate-based advert targeting, and has added thousands of reviewers to help review content flowing through its system.

He also acknowledged that Russian trolls had used Facebook to create 129 real-world events, like an anti-immigrant, anti-Muslim rally in Idaho, for which a total of 62,500 people said they planned to attend.

"We do not have data on the realization of these events" he said.

But if you were to look through corporate ledgers, you could probably find the money.

Finally, Stretch was asked about Facebook offering Kaspersky antivirus tools to its social network addicts, so they can clean up any malware infections. Stretch replied: "We no longer make available Kaspersky’s anti-virus software to people with infected devices."

However, Facebook will continue to use some Kaspersky tools internally that alert engineers to emerging online threats. ®

Sign up to our NewsletterGet IT in your inbox daily

6 Comments

More from The Register

Soyuz later! Russia may exit satellite launch biz

Is it worth competing with SpaceX prices?

Russia to Apple: Kill Telegram crypto-chat – or the App Store gets it

We know you’re busy, Mr Cook, but please reply before we become … unpleasant

Google, AWS IPs blocked by Russia in Telegram crackdown

Two million addresses down, 4.2 billion to go - oh, plus the IPv6 address space

Russia appears to be 'live testing' cyber attacks – Former UK spy boss Robert Hannigan

InfoSec Europe Warns that nation state hacking threatens corporate networks

Ex-GCHQ boss: All the ways to go after Russia. Why pick cyberwar?

Adds his 2 cents as PM, security council meet about Salisbury poisoning

Techies! Britain's defence secretary wants you – for cyber-sniping at Russia

Also wants journos to do gov info ops, but let's focus on sensible idea

Russia, America dig into tug-of-war over Bitcoin laundering suspect

We want him! No, he's ours! Shut up!

To Russia, with love: Greek court now says Bitcoin fraud suspect could be tried at home

US and Moscow both want to extradite Alexander Vinnik, 38, but minister of justice will decide

Russia to block access to cryptocurrency exchanges' websites – report

Updated Central bank deputy governor calls them 'dubious'

Russia tweaks Telegram with tiny fine for decryption denial

FSB wanted keys, messaging outfit said Nyet