The pentagon warns about the danger of the code


The U.S. army warned the installation of software believed to have been committed by the Russian or Chinese state-backed hackers.

The Pentagon has developed a “do not buy” list of suppliers, reports the Defense news site.

Legitimate-looking the software developers could be fronts for the enemy hacker groups, he said.

The news follows official warnings about the software supply chain attacks that target widely used programs.Hidden code

The Pentagon began compiling the list in early 2018 and is regularly distributed to the hiring of department heads and other equipment that the software code for the armed forces. There are No details of the software packages or the developers are in the list have been released.

In addition, contractors working with the U.S. military to provide technology-related services are “educated” about the companies that seem suspicious.

Speaking of the Defense of One, Ellen Lord, US assistant secretary of defense for acquisition, would not be drawn on whether the weapons or the projects executed by the u.s. army had been infiltrated by compromised software.

Instead of focusing on each of the programmes or weapons systems, he said, the Pentagon is concerned with the broader issue of the search and use of trusted code.

Attempts to subvert the code could take several different forms, suggests a report by the US National Counterintelligence and Security Center. This could involve:
booby-trapped software written by developers with surreptitious links to the enemy states
compromising software companies through the vulnerabilities found when the foreign powers, vet the code for your own use
more subtle influence, such as the large-scale Chinese investment in the artificial intelligence start-ups


Russia has always denied any involvement in cyber-espionage, said Vitaliy Shevchenko of BBC Monitoring. Russia has said that the sanctions visited on business of their own harvest cyber-security company Kaspersky Lab were simply examples of American anti-competitive practices.

Mr Shevchenko said that the Russian strategy of information considered to be imported to the software as a threat in the same way that the Pentagon did. However, he added that it was not clear how much success he had in the exchange of suspected native code alternatives.

The “do not buy” list comes after several warnings about the software and the equipment already is widely used in the US and the uk.

Telecommunications hardware, and the code of Huawei and ZTE have been subject to intense scrutiny in recent months. Earlier this month, the uk government report said that there was only “limited assurance” that Huawei kit posed no threat to national security.