logo

The Impact of Russia’s Invasion of Ukraine on the IT Field

Posted by Marbenz Antonio on March 1, 2022

Kiev, Ukraine

Editorial Note: The Cybersecurity & Infrastructure Security Agency (CISA) released a revised set of cybersecurity guidelines for enterprises on February 23 in reaction to Russia’s “unprovoked attack on Ukraine.”

Tensions with Russia have become worse in the five years since I first looked at the possible impact of a Digital Cold War on the IT sector, especially following a series of cyberattacks on US networks. These include Russia’s role in the SolarWinds hack, as well as its meddling in the 2016 US presidential election through attacks on the Democratic National Committee’s infrastructure and the purchase of tens of millions of Facebook advertising to create dissatisfaction among US voters.

For many years, the country has concentrated on international cybersecurity action under Vladimir Putin’s leadership. The impact of Russia’s invasion of Ukraine on the IT field.

Ukraine Invasion

Russia has launched a full-scale invasion of Ukraine under the guise of “peacekeeping operations.” Russia is also suspected of being behind recent cyberattacks on Ukrainian banks.

As a result, the US, NATO nations, and allies have imposed a slew of economic sanctions on Russia, including prohibiting its two state-owned banks from trading debt on US and European markets and freezing their assets in US jurisdictions, as well as freezing the assets of the country’s wealthiest citizens. Germany has put a halt to its ambitions to build the Nord Stream 2 Gas Pipeline in Russia. As Russia’s attack on Ukraine continues, further broad-based sanctions are likely.

“President Putin has chosen a premeditated war that will bring a devasting loss of life and human suffering,” President Biden said on February 23. “Russia alone is responsible for the death and damage this attack will bring, and the United States and its Allies and partners will respond in a united and decisive manner. The world will hold Russia accountable.”

The economic consequences of this confrontation are expected to be considerable, including the suspension of Russian oil and natural gas shipments to Western Europe and, probably, the denial of civil and commercial aviation passage to Asia via Russian airspace. Although, unlike Europe, the United States is not a large buyer of Russian energy exports, it would be naive to conclude that Russia does not influence the US industry.

A protracted battle with Russia, along with the enforcement of broad sanctions, will have a significant impact on the global IT industry.

Concerns about Russian ties among software businesses

Many enterprises with large market share and extensive use in the United States have varying degrees of ties to Russia. Some companies were created in Russia, while others are located overseas but have a development presence in Russia and Eastern Europe.

Kaspersky Lab, for example, is a significant and well-known antivirus/antimalware company based in the United Kingdom. Although its principal R&D center was relocated to Israel in 2017, it maintains its worldwide headquarters and significant research and development capabilities in Russia.

Eugene Kaspersky, the company’s creator, is also known to have close personal links to Putin’s government. Although Kaspersky has rejected the charges, there are still issues about the individual and his firm, which will be investigated further as the fight progresses.

In the past, evidence revealed that Kaspersky’s software was engaged in compromising the security of a US National Security Agency contract employee in 2015. Kaspersky Lab, on the other hand, claims that the proof for this has not been adequately established, and has conducted an internal examination of the results.

It’s also worth mentioning that corporations that have no evidence of misconduct face guilt by association.

NGINX Inc is the support and consulting branch of the NGINX open source reverse proxy web server project, which is used by some of the world’s largest internet businesses. The firm was founded in Russia but was purchased by F5 Networks in 2019. In January of this year, the company’s creator, Igor Sysoev, announced his resignation.

Parallels, Inc., which Corel purchased in 2018, is a virtualization technology company. Parallels Desktop is one of the most popular Windows virtualization solutions for Macs. Their principal development laboratories were once located in Moscow and Novosibirsk, Russia. Serguei Beloussov, who was born in the former Soviet Union and subsequently immigrated to Singapore, started the corporation. Virtuozzo and Plesk, two of its products, were split out as separate companies in 2017. Ingram Micro purchased Parallels’ Odin, a complicated billing and provisioning automation management stack utilized by service providers and private clouds operating on VMware’s virtual infrastructure stack and Microsoft’s Azure.

Beloussov founded Acronis, which is similar to Parallels. He became CEO of Acronis in May 2013 after launching Parallels in 1999 and being associated with both firms for a long period. The firm focuses on end-to-end device protection and has previously offered bare-metal systems imaging, systems deployment, and storage management solutions for Microsoft Windows and Linux. The company’s worldwide headquarters are located in Singapore. It does, however, have significant R&D activities in Eastern Europe, as well as Israel, Singapore, and the United States.

Veeam Software focuses on business backup solutions for VMware and Microsoft public and private cloud stacks and was created by Russian-born Ratmir Timashev. It, like Parallels and Acronis, is an international company. Much of its R&D was based in St. Petersburg, Russia, for many years. Insight Partners bought the company in 2020 and hired a new management team. However, how much Russian legacy code is in its products or continues to be contributed to them is unknown.

These are only a couple of instances. Several Russian software companies earn billions of dollars in sales and have products and services that are widely used by businesses in the United States, Europe, and Asia. Many smaller businesses specialize in a niche or specialized services, such as subcontracting.

It’s also worth noting that many mobile apps, including entertainment software for iOS, Android, and Windows, come from Russia.

Russian service companies will be hit as well

Many global technology giants in the software and services sectors have utilized Russian and Eastern European developers in the past because of their high-quality and cost-effective work when compared to their peers in the United States and Western Europe. Moreover, numerous companies have spent hundreds of millions of dollars to establish a developer and reseller channel presence in Russia.

It is not necessary for world governments to impose isolationist sanctions against Russia in the way of Iran for a snowball effect to begin within US firms that employ Russian software or services.

The expansion of the situation in Ukraine into a full-fledged war will make C-seats in global corporations increasingly hesitant of utilizing software developed in Russia or by Russian nationals. Most off-the-shelf items will most likely be “ripped and replaced” by conservative enterprises, which will prefer to use American solutions.

What about the Russian mobile apps? BYOD (bring your device) mobile device management (MDM) regulations will prevent them from being installed on any device that can connect to a business network. And, if international governments impose sanctions, we may anticipate them to vanish totally from mobile device marketplaces.

When genuine sanctions against Russia’s gaming and app industries are applied, a slew of games and apps might be rendered obsolete.

C-seats, on the other hand, aren’t going to wait for governments to ban Russian software. If a vendor’s credibility is questioned, or if there is a fear that their customer loyalty may be changed out or influenced by the Putin dictatorship and utilized to undermine their systems, be confident that Russian-made software will be phased out of business IT infrastructure soon.

Russian citizens working for major firms will very definitely have their contractor visas revoked or not renewed. You can always rely on it.

Any vendor being considered for a substantial software deal with a US corporation will be thoroughly investigated, and if any of their products involve Russian developers, they will be asked. They may forget about doing business in this nation if it fails even the most basic audits and smell tests.

As a result, if a vendor employs a significant number of Russian developers, they will be forced to close shop and relocate their laboratories to the United States or to a nation that is more aligned with US interests, as we have seen with the corporations listed above. This is especially true for anyone interested in working on a government contract.

Then there’s the issue of outsourced companies writing unique code. That becomes a lot more difficult.

There’s the issue of how old the code is and whether or not there are enough auditing procedures in place. We should anticipate US and Western European IT corporations to provide services goods to filter through enormous volumes of unique code soon to ensure that Russian citizens do not leave behind any backdoor compromises while under the grip of the Putin dictatorship.

Wait till your company goes through the Russian Purge to see how much your Y2K mitigation cost.

Identifying a significant risk to security and consumer confidence, the wealthiest firms will respond as swiftly as possible, swallowing the bitter pill of costly audits.

However, many businesses may not have the finances to do so right now. They will do everything they can to reduce the risk on their own, and compromised code may hang around for years until significant system migrations occur and the old code is flushed away (hopefully).

For years to come, we will very probably be dealing with Russian cyberattacks from within our firms, thanks to software built under the guise of having access to relatively inexpensive and highly talented strategically outsourced programmer labor.

 


Here at CourseMonster, we know how hard it may be to find the right time and funds for training. We provide effective training programs that enable you to select the training option that best meets the demands of your company.

For more information, please get in touch with one of our course advisers today or contact us at training@coursemonster.com