Pentagon is Working on “Do Not Buy” List of Software Vendors Compromised by Russia, China

High-ranking Defense Department officials said that the Pentagon is working on a technology that will block vendors who use software code originating from Russia and China.

According to Reuters, Ellen Lord, the undersecretary of defense for acquisition and sustainment, stated that the Pentagon had been working for six months on a “do not buy” list of software vendors.

The list will help the Department of Defense’s acquisitions staff and industry partners avoid buying problematic code for the Pentagon and suppliers.

“What we are doing is making sure that we do not buy software that has Russian or Chinese provenance, for instance, and quite often that’s difficult to tell at first glance because of holding companies,” Lord said.

Next week, Congress is set to vote on the Pentagon’s spending, which will contain provisions that would force technology companies to disclose whether they allowed countries like China and Russia to examine the inner workings of software sold to the U.S. military.

A Reuters investigation found that software companies allowed a Russian defense agency to hunt for vulnerabilities in software used by some agencies of the U.S. government, including the Pentagon and intelligence agencies.

Security experts told Reuters that allowing Russian authorities to have a look at the source code enables adversaries like Moscow or Beijing to exploit vulnerabilities in U.S. government systems.

Lord also added that the Pentagon wants to strengthen its suppliers’ ability to withstand cyber attacks and will test their cybersecurity defenses by attempting to hack them.

