Russia was able to legally study the Pentagon’s cyber defense system.

Фото: Depositphotos

Company Hewlett Packard Enterprise (HPE) allowed the Russian Ministry of Defense to study the functioning of the cyber defense program used by the Pentagon.

It is reported Reuters, with reference to the records of Russian regulatory authorities and interviews familiar with the case sources.

An HPE system called ArcSight serves as a cybersecurity think tank for most units of the US Armed Forces. She warns analysts about possible attacks on computer systems.

The study of the Russian side of the source code ArcSight - tightly guarded internal software teams - HPE needed to certify products for further sale to the Russian public sector.

The information that the Russian state authorities were given access to this data was confirmed by the spokesman HP Enterprise.

Several former employees of the American special services, as well as former employees ArcSight and independent experts said that by gaining access to the source code, Moscow could detect vulnerabilities in the program that would help hackers hide cyber attacks from the US Armed Forces. At the same time, none of them was aware of hacks and cyber espionage facts that would have been possible if they knew the code.

Moscow got access to the program ArcSight in the 2016 year, just at the time when the United States accused Russia of escalating cyber attacks against American companies, politicians and government organizations

Analysis ArcSight on the Russian side was carried out by the Echelon company of the Federal Service for Technical and Export Control (FSTEK) of Russia, a defense agency involved in the fight against cyber espionage.

The company's president, Aleksey Markov, noted that his team had discovered vulnerabilities in the program, which would be reported to Russian state bodies, after receiving the customer’s approval for disclosing this information to Russian officials.

One of the reasons why Russia required a preliminary analysis before allowing the sale ArcSight government agencies need to make sure that the US intelligence agencies have not equipped software for espionage. No such tools were found.

A representative of the Pentagon Information Systems Security Administration (DISA), which manages the used military computer networks, said that HPE did not inform the agency about the analysis of the program by Russia. But, according to her, military contracts do not always oblige suppliers to report that foreign countries are familiar with the source code.

The agency itself did not require to analyze the source code before purchasing ArcSight and usually does not force technology companies to do this when it comes to ready-made software, such as ArcSight.

US government procurement data showed that the US military, including ground forces, air force, and naval forces, use ArcSight as one of the main cyber threat monitoring tools. For example, ArcSight used in the Pentagon's SIPRNet, a system of interconnected computer networks used to transmit classified information.

A Pentagon spokeswoman declined to comment on the risks to the defense network, which create particular products, but said that all software used by DISA is “carefully checked for security risks” and is constantly monitored after installation.

In recent years, Russia has tightened the requirements for conducting source code analyzes, making it a condition for carrying out activities in the country.

A number of international companies, including the world's largest network equipment manufacturer Cisco Systems Inc and the German software development giant SAP, agreed to conduct the analyzes. At the same time, some others, including the company Symantecspecializing in cyber security was abandoned for security reasons.

Security analysts, in turn, said that studying the source code by Russia, even allowing to get information about vulnerabilities, would not allow hackers to easily access military systems, since hackers will first need to penetrate the external protection of the network to hack ArcSight.

ArcSight Founded in 2000, it became a pioneer, giving large organizations the opportunity to receive real-time notifications of potential cyber attacks.

The program collects information about events from servers, firewalls and individual network computers - up to hundreds of thousands per second. The system then looks for suspicious behavior patterns, such as multiple failed login attempts within a few seconds, and notifies analysts.

Today ArcSight practically indispensable in many structures of the US Army, according to documents of the Pentagon.

Read also on ForumDaily:

How Russia rules the world-American media

Who is watching us on the Internet: find and neutralize

7 things you need to know about cybersecurity and social networks

Do you want more important and interesting news about life in the USA and immigration to America? — support us donate! Also subscribe to our page Facebook. Select the “Priority in display” option and read us first. Also, don't forget to subscribe to our РєР ° РЅР ° Р »РІ Telegram  and Instagram- there is a lot of interesting things there. And join thousands of readers ForumDaily New York — there you will find a lot of interesting and positive information about life in the metropolis.