Western technology companies, including Cisco, IBM and SAP, are acceding to demands by Moscow for access to closely guarded product security secrets, at a time when Russia has been accused of a growing number of cyber attacks on the West, a Reuters investigation has found.
Russian authorities are asking Western tech companies to allow them to review source code for security products such as firewalls, anti-virus applications and software containing encryption before permitting the products to be imported and sold in the country. The requests, which have increased since 2014, are ostensibly done to ensure foreign spy agencies have not hidden any "backdoors" that would allow them to burrow into Russian systems.
But those inspections also provide the Russians an opportunity to find vulnerabilities in the products' source code - instructions that control the basic operations of computer equipment - current and former U.S. officials and security experts said.
U.S. officials say they have warned firms about the risks of allowing the Russians to review their products' source code, because of fears it could be used in cyber attacks. But they say they have no legal authority to stop the practice unless the technology has restricted military applications or violates U.S. sanctions.
Look I understand that businesses are concerned about their bottom line, and opening up new opportunities in new markets is very seductive, but based on what just happened in 2016 this seems incredibly naive.
I'm sorry let me take that back because naive simply does not cover it.
Volunteering this information is FUCKING STUPID!
The Russians are clearly collecting information in order to find weaknesses in America's cyber security systems, and these companies are simply handing it over to them without a fight.