How a dig­i­tal Cold War with Rus­sia threat­ens the IT in­dus­try

Tehran Times - - TECHNOLOGY - By Ja­son Per­low

For the last three years, all the world’s eyes have been on Rus­sia.

It be­gan when the hope­ful spirit of in­ter­na­tional peace and co­op­er­a­tion dur­ing the Sochi Win­ter Olympics turned to fear and un­cer­tainty when Ukraine’s gov­ern­ment ousted its pres­i­dent, Vik­tor Yanukovych, a close ally of Rus­sian pres­i­dent Vladimir Putin.

Rus­sia fol­lowed by send­ing more and more troops into the re­gion and con­fis­cat­ing Ukra­nian mil­i­tary bases and as­sets.

When we thought this had calmed down, con­cerns height­ened when ev­i­dence of its breach­ing of sys­tems run by the Demo­cratic Na­tional Com­mit­tee was brought to light after the elec­tion, as well as pos­si­ble col­lu­sion by cur­rent and exTrump ad­min­is­tra­tion of­fi­cials.

More re­cently, it ap­pears that Rus­sia has been at­tempt­ing to sow con­flict among dif­fer­ent sec­tors of the US pop­u­la­tion and within our gov­ern­ment’s leg­is­la­ture by pur­chas­ing ten mil­lion unique pageviews of ad­ver­tise­ments on Face­book. Google is also in the process of un­cov­er­ing ev­i­dence that this has oc­curred on its on­line prop­er­ties as well.

The reaction by the Western world has been a com­plete con­dem­na­tion of Rus­sia’s ac­tiv­i­ties.

While the United States, un­like Europe, is not a ma­jor con­sumer of Rus­sian gas ex­ports, it would be sim­plis­tic to say that Rus­sia has no impact on US busi­ness at all.

Let’s start with Rus­sian soft­ware com­pa­nies them­selves.

Many of these have sig­nif­i­cant mar­ket share and wide­spread use within US cor­po­ra­tions. Some of these were founded in Rus­sia, while oth­ers are head­quar­tered else­where but main­tain a sig­nif­i­cant amount of their devel­op­ment pres­ence within Rus­sia and other parts of Eastern Europe.

UK-in­cor­po­rated Kasper­sky Lab, for ex­am­ple, is a ma­jor and well-es­tab­lished player in the an­tivirus/an­ti­mal­ware space. It main­tains its in­ter­na­tional head­quar­ters, and has sub­stan­tial re­search and devel­op­ment ca­pa­bil­i­ties, in Rus­sia.

It’s also thought that Eu­gene Kasper­sky, the com­pany’s founder, has strong per­sonal ties to the Putin-con­trolled gov­ern­ment. Kasper­sky has re­peat­edly de­nied these al­le­ga­tions but ques­tions about the man and his com­pany re­main and will be a sub­ject of fur­ther scru­tiny, par­tic­u­larly as US-Rus­sia ten­sions es­ca­late.

Re­cently ev­i­dence has emerged that Kasper­sky’s soft­ware was in­volved in com­pro­mis­ing the se­cu­rity of a con­tract em­ployee of the United States Na­tional Se­cu­rity Agency in 2015. In­ves­ti­ga­tion as the com­pany’s ac­tual in­volve­ment is still on­go­ing.

NGINX Inc., while less than ten years old, is the sup­port and con­sult­ing arm of an open source re­verse proxy web server project that is very pop­u­lar with some of the most high-vol­ume in­ter­net ser­vices on the planet. The com­pany has of­fices in San Fran­cisco, but it is based in Mos­cow.

Par­al­lels, Inc., is a multi­na­tional cor­po­ra­tion head­quar­tered in Ren­ton, Wash­ing­ton, that fo­cuses ex­ten­sively on vir­tu­al­iza­tion tech­nol­ogy as well as com­plex man­age­ment stacks for billing and pro­vi­sion­ing automation used by ser­vice providers and pri­vate clouds run­ning on VMware’s vir­tual in­fra­struc­ture stack and Mi­crosoft’s Azure. How­ever, their pri­mary devel­op­ment labs are in Mos­cow and Novosi­birsk, Rus­sia.

Acro­nis, like Par­al­lels, was founded in 2002 by Rus­sian soft­ware de­vel­oper and ven­ture cap­i­tal­ist Ser­guei Beloussov. He left Par­al­lels and be­came CEO of Acro­nis in May of 2013. The com­pany spe­cial­izes in bare metal sys­tems backup, sys­tems de­ploy­ment and stor­age man­age­ment soft­ware for Mi­crosoft Win­dows and Linux and is head­quar­tered in Woburn, MA, a sub­urb of Bos­ton. How­ever, it has sub­stan­tial R&D op­er­a­tions in Mos­cow.

Veeam Soft­ware founded by Rus­sian-born Rat­mir Ti­ma­shev, con­cen­trates on en­ter­prise backup so­lu­tions for VMware and Mi­crosoft public and pri­vate cloud stacks. Like Par­al­lels and Acro­nis, it is also multi­na­tional. The com­pany main­tains its US head­quar­ters in Columbus, Ohio but much of its R&D is based in St. Peters­burg, Rus­sia.

These are only just a few ex­am­ples. There are nu­mer­ous Rus­sian soft­ware firms gen­er­at­ing bil­lions of dol­lars of rev­enue which have prod­ucts and ser­vices that have sig­nif­i­cant en­ter­prise pen­e­tra­tion in the United States, EMEA and Asia. There are also many smaller ones which per­form niche or spe­cial­ized ser­vices, such as sub­con­tract­ing.

It should also be noted that many mo­bile apps, in­clud­ing en­ter­tain­ment soft­ware for iOS, An­droid and Win­dows also orig­i­nate from Rus­sia.

We aren’t even count­ing the gi­ant tech­nol­ogy com­pa­nies in the soft­ware and tech­nol­ogy ser­vices in­dus­tries that are house­hold names in the United States and EMEA which due to the ex­cel­lent rep­u­ta­tion of Rus­sian devel­op­ers pro­duc­ing high-qual­ity and value-priced work com­pared to their US and Western Europe-based coun­ter­parts, have in­vested hun­dreds of mil­lions of dol­lars in hav­ing de­vel­oper as well as re­seller chan­nel pres­ence in Rus­sia.

The Trump ad­min­is­tra­tion does not need to levy Iran-style iso­la­tion­ist sanc­tions against Rus­sia for a snow­ball ef­fect to start within US cor­po­ra­tions that use Rus­sian soft­ware or ser­vices.

The cool­ing of re­la­tions has al­ready made C-seats within cor­po­rate Amer­ica ex­tremely con­cerned about us­ing soft­ware that orig­i­nates from Rus­sia or has been pro­duced by Rus­sian na­tion­als. The most con­ser­va­tive of com­pa­nies al­most cer­tainly will prob­a­bly just “rip and re­place” most offthe-shelf stuff and go with other so­lu­tions, prefer­ably American ones.

The Rus­sian mo­bile apps? BYOD black­list MDM policies will wall them off from be­ing in­stalled on any de­vice that can ac­cess a cor­po­rate net­work. And if sanc­tions are put in place by the cur­rent or next ad­min­is­tra­tion, we can ex­pect them to ac­tu­ally dis­ap­pear off the mo­bile de­vice stores en­tirely.

Cut the Rope, which is made by Mos­cow-based Zep­to­lab, and count­less games and apps orig­i­nat­ing from Rus­sia could be no more if ac­tual sanc­tions on that in­dus­try are put in place.

Con­trac­tor H-1Bs are al­most cer­tainly go­ing to be can­celed en-masse or will not be re­newed for Rus­sian na­tion­als per­form­ing work for US-based cor­po­ra­tions. You can count on it.

Any ven­dor that is be­ing con­sid­ered for a large soft­ware con­tract with a US com­pany is go­ing to un­dergo sig­nif­i­cant scru­tiny and will be asked if any of their prod­uct in­volved Rus­sian devel­op­ers. If it doesn’t pass the most ba­sic of au­dits and sniff tests they can just for­get about do­ing busi­ness in this coun­try, pe­riod.

Ob­vi­ously, there’s the ques­tion of how re­cent the code is, and whether or not there are good meth­ods in place to au­dit it. We can ex­pect that there will be ser­vices prod­ucts of­fered in the near fu­ture by US and Western Euro­pean IT firms to pour through vast amounts of cus­tom code so that they can be ab­so­lutely sure there are no back­door com­pro­mises left be­hind by Rus­sian na­tion­als un­der the in­flu­ence of the Putin regime.

We will be al­most cer­tainly be deal­ing with Rus­sian cy­ber­at­tacks from within the walls of our own com­pa­nies for years to come, from soft­ware that was orig­i­nally de­vel­oped un­der the aus­pices of hav­ing ac­cess to rel­a­tively cheap and highly-skilled strate­gi­cally out­sourced pro­gram­mer talent.

Newspapers in English

Newspapers from Iran

© PressReader. All rights reserved.