The Trump administration’s order barring certain Russian software from government networks doesn’t fully cover one troubling vulnerability — the teeming ranks of government contractors.
That omission could leave open gateways for hackers looking to pilfer government secrets, cybersecurity specialists warn, something that has reportedly happened in recent years with contractors from the CIA and the NSA. But legal experts say the government has only limited ability to require contractors to uproot Kaspersky Lab’s products from their computers.
“It’s a huge area of risk, especially with some of the recent breaches at the NSA and the CIA where it was clear that these contractors were the source of it,” said Trevor Rudolph, the former head of an OMB team that helps agencies improve their cyber defenses.
Matt Keller, who advises government clients on digital security programs as a vice president at GuidePoint, dubbed the issue a “moderate to high risk” for federal agencies.
It’s impossible to quantify the risk exactly, but hundreds of thousands of federal contractors hold top secret clearances.
Keep reading this article at: https://www.politico.com/story/2017/11/24/the-huge-hole-in-the-governments-russian-software-ban-259473