Skip to main content

HPE 'gave Russian government access' to Pentagon cyber defence software

HPE has come under fire after reports claimed the company gave Russian defence forces access to review software it sold to the Pentagon to supposedly protect the agency's networks.

According to regulatory records seen by Reuters, HPE gave Russian defence agencies access to its ArcSight software as part of a bid to gain the certification needed to sell its software to the Russian public sector.

The site quoted several former US military sources and former ArcSight employees as saying that this view into the internal workings of the software's source code, could help Russia detect potential weak spots in Pentagon cyber-defences that could be targeted in future attacks.

HPE told Reuters that no “backdoor vulnerabilities” were uncovered in the Russian review, but declined to provide further details. A company spokesperson did add that neither its source code or any of its products had been compromised.

The review reportedly took place last year as American suspicions of Russian cyber-espionage were reaching a significant high, following claims of attacks against US government agencies and even potential hacks on the 2016 Presidential election.

Greg Martin, a former security architect for ArcSight, told Reuters that the review constituted, "a huge security vulnerability" adding, ”You are definitely giving inner access and potential exploits to an adversary.”

It was completed on behalf of Russia’s Federal Service for Technical and Export Control (FSTEC), a defence agency tasked with countering cyber espionage, and was carried out by a company named Echelon, which is known to have close ties to the Russian military. Russia has also held long-term suspicions that US forces are attempting to carry out surveillance using computer software, but the FSTEC review apparently found no issues to report.

Michael Moore is News and Features Editor working across both ITProPortal and TechRadar Pro. He has worked as a technology journalist for more than five years, including spells at one of the UK's leading national newspapers. He is interested in hearing about all the latest news and developments across the Business IT world, and how companies are using new technology to help push forward their work and make their customer's lives easier.