About 30% of Russian companies continue to use foreign anti-hacking systems and download updates using an insecure “gray” scheme. Denis Korablev, managing director of Positive Technologies, mentioned this.
We’re talking about next-generation systems (Next Generation Firewall, NGFW) that monitor all Internet traffic and look for signs of cyber attacks and viruses. Historically, these systems were only produced by foreign companies such as Palo Alto and Fortinet, but after the launch of Sovereign Internet, they stopped keeping their equipment in Russia, which left Russian organizations vulnerable to cyber attacks.
According to Korablev, since February 2022, some companies have stopped servicing NGFW systems in Russia. Customers were told that if they continued to download database updates, the equipment would become inoperable and useless.
To upgrade NGFW, Russian companies have developed a “gray” scheme that allows them to continue using foreign equipment in Russia, but with great risks. About 30% of companies admitted to using Western systems and downloading updates from CIS countries. In other words, they download Palo Alto or Fortinet updates through intermediary entities in Kazakhstan or Armenia and transfer them to Russia, where the files are uploaded to working systems.
The expert warns that such a scheme is dangerous, because at the stage of delivering updates, third parties can insert a malicious virus that paralyzes the work of Russian companies. In addition, sanctions may be imposed on legal entities in the CIS countries and access to updates may be closed.
I am a professional journalist and content creator with extensive experience writing for news websites. I currently work as an author at Gadget Onus, where I specialize in covering hot news topics. My written pieces have been published on some of the biggest media outlets around the world, including The Guardian and BBC News.