Matryoshki of news: Tech giants flash code to Russia, Dutch hack Kremlin spies, and more

It's all kicking off

By Thomas Claburn in San Francisco

Posted in Security, 26th January 2018 03:10 GMT

Roundup Technology companies can't decide whether to take Russian money or run from it – not that they've ever been much good at turning down cash.

McAfee, SAP, and Symantec, which make software used by the US government, allowed Russian authorities to scan their source code for backdoors and other flaws, according to Reuters on Thursday, as has HPE.

Like China and other nations, the Russian government requires a look under the hood before it will consider spending cash on enterprise software as the applications could be compromised.

The fear is that foreign governments may stash backdoors in the code, effectively turning the apps into bugs – as in, spying bugs. Look no further than the US government, which refuses to run software from Moscow-based Kaspersky on its machines over concerns the antivirus tools can be abused to beam Uncle Sam's secrets to the Kremlin. Kaspersky denies any impropriety.

Knowing that Russian officials have potentially glimpsed exploitable security bugs in applications used by US government departments will freak out American officials.

This is, don't forget, the same Russian government implicated in the compromise of government agency networks, and the 2016 presidential election, in the US.

McAfee, SAP, and Symantec, along with Micro Focus which took over ArcSight, the HPE product audited, told Reuters that the code reviews were done under controlled conditions. No code was allowed to be copied, taken away, or altered by the Russians, we're told.

Evidently aware of the downsides, McAfee and Symantec are said to have stopped code reviews and Micro Focus is said to have limited them substantially. Research firm IDC last year put the value of the technology market in Russia at $18.4bn, so don't expect all cooperation between tech suppliers and the Kremlin to end.

Reuters noted it had no evidence of Russia exploiting any programming blunders found in the applications' source code.

Dutch government 'hacked' Putin's spies

Incidentally, when US intelligence agencies said they believed Russia to be behind election-related hacking and meddling, that conclusion was supported by information from AIVD, the Dutch intelligence service.

According to de Volkskrant, AIVD in 2014 had established surveillance on Cozy Bear, the Russian state hacking group, and observed its efforts to attack the US Democratic Party's email systems and American government servers.

AIVD was, we're told, able to compromise security cameras surrounding the building used by the Cozy Bear crew, to look out for known Russian spies entering the joint. The Euro snoops duly tipped off the FBI that something was afoot.

"Hackers from the Dutch intelligence service AIVD have provided the FBI with crucial information about Russian interference with the American elections," reports the Dutch daily newspaper.

"For years, AIVD had access to the infamous Russian hacker group Cozy Bear ... AIVD [became] witness to the Russian hackers harassing and penetrating the leaders of the Democratic Party, transferring thousands of emails and documents.

"It won't be the last time they alert their American counterparts. And yet, it will be months before the United States realize what this warning means: that with these hacks the Russians have interfered with the American elections. And the AIVD hackers have seen it happening before their very eyes."

Social media giants answer burning questions

Meanwhile, Facebook, Google, and Twitter on Thursday responded to questions from US Senate lawmakers looking into Russia spreading disinformation on social media to divide America during the 2016 White House race.

These companies, which sold ads to Russian buyers, some linked to the Kremlin, have been wrestling with how they can keep selling ads to allcomers without selling out US citizens in the process.

Asked whether it might consider requiring disclosures for bot accounts as a potential mitigation for social media manipulation, Sean Edgett, acting general counsel at Twitter, suggested too many false-positives would occur because so many tools can be used to automate posts.

"It is important to note, moreover, that not all automation is malicious," he said.

Facebook general counsel Colin Stretch meanwhile insisted it is closing holes in its ads system that allowed hate-based advert targeting, and has added thousands of reviewers to help review content flowing through its system.

He also acknowledged that Russian trolls had used Facebook to create 129 real-world events, like an anti-immigrant, anti-Muslim rally in Idaho, for which a total of 62,500 people said they planned to attend.

"We do not have data on the realization of these events" he said.

But if you were to look through corporate ledgers, you could probably find the money.

Finally, Stretch was asked about Facebook offering Kaspersky antivirus tools to its social network addicts, so they can clean up any malware infections. Stretch replied: "We no longer make available Kaspersky’s anti-virus software to people with infected devices."

However, Facebook will continue to use some Kaspersky tools internally that alert engineers to emerging online threats. ®

Sign up to our NewsletterGet IT in your inbox daily


More from The Register

Russia, America dig into tug-of-war over Bitcoin laundering suspect

We want him! No, he's ours! Shut up!

To Russia, with love: Greek court now says Bitcoin fraud suspect could be tried at home

US and Moscow both want to extradite Alexander Vinnik, 38, but minister of justice will decide

Russia to block access to cryptocurrency exchanges' websites – report

Updated Central bank deputy governor calls them 'dubious'

Russia tweaks Telegram with tiny fine for decryption denial

FSB wanted keys, messaging outfit said Nyet

'Suspicious' BGP event routed big traffic sites through Russia

Google, Facebook and Microsoft routed through PutinGrad, for no good reason

UK names Russia as source of NotPetya, USA follows suit

Updated 'Almost certain' assessment enough for official blast from Foreign Office

Russia claims it repelled home-grown drone swarm in Syria

13 explosively armed but cobbled-together drones swarmed airbase

UK Army chief: Russia could totally pwn us with cable-cutting and hax0rs

Speech to think tank will warn of Brit weaknesses in key areas

Twitter breaks bad news to 677,775 twits: You were duped by Russia

Election manipulation wasn't as bad as feared – it was worse

Russia could chop vital undersea web cables, warns Brit military chief

ACM Sir Stuart Peach is right – but only to a point