Congress passes bill forcing tech companies to disclose foreign software probes
Congress is sending President Donald Trump legislation that would force technology companies to disclose if they allowed countries like China and Russia to examine the inner workings of software sold to the US military. The legislation, part of the Pentagon’s spending bill, was drafted after an investigation found software makers allowed a Russian defense agency to hunt for vulnerabilities in software used by some agencies of the US government, including the Pentagon and intelligence services. Security experts said allowing Russian authorities to probe the internal workings of software, known as source code, could help Moscow discover vulnerabilities they could exploit to more easily attack US government systems. Companies would be required to address any security risks posed by the foreign source code reviews to the satisfaction of the Pentagon, or lose the contract. The legislation also creates a database, searchable by other government agencies, of which software was examined by foreign states that the Pentagon considers a cyber security risk. It makes the database available to public records requests, an unusual step for a system likely to include proprietary company secrets. The new rules were drafted by Senator Jeanne Shaheen (D-NH).