Could the technology you use pose a national security risk?
It’s certainly possible. The U.S. Federal Communications Commission (FCC) has recently expanded the list of manufacturers and services it deems national security risks.
The FCC first compiled its list after the passage of the National Defense Authorization Act (NDAA). Section 889 of that act prohibits U.S. government agencies, as well as their contractors and suppliers, from obtaining telecom equipment and services produced by selected Chinese companies.
A separate law, the U.S. Secure Networks Act, further defines the FCC’s role in generating and maintaining this list. The FCC updated the list most recently in September 2022. Many of the companies banned by the NDAA are also on the FCC’s updated list. These include:
- Huawei Technologies Co. Ltd.
- ZTE Corp.
- Hytera Communications Corp.
- Hangzhou Hikvision Digital Technology Co.
- Dahua Technology Co.
- Aventura Technologies Inc.
However, the situation is a bit more complicated. Simply looking at the label on a box or camera may not tell you whether the chipset inside is made by one of the companies on the list. That’s because the list includes not only these companies, but also their subsidiaries and affiliates. Many of their devices, particularly video cameras, are white-labeled and sold under other brand names.
In addition to the manufacturers listed above, both the FCC and the updated NDAA Section 889 also list products, solutions, and services supplied by the Russia-based AO Kaspersky Lab. This addition could create significant challenges for many organizations. Kaspersky offers security solutions and services that range all the way from home applications to enterprise solutions. With many people working from home and using their personal PCs, tablets, and phones, it would not be unusual to find Kaspersky products for home users interoperating with an enterprise IT environment, even if the organization isn’t directly a Kaspersky customer.
In addition, the FCC has added several names to its list of banned companies, including:
- China Mobile International USA Inc.
- China Telecom (Americas) Corp.
- Pacific Network Corp. and its subsidiary, ComNet (USA) LLC
- China Unicom (Americas) Operations Ltd.
How Can Tanium Help?
Tanium continues to monitor and update labels representative of manufacturers and their subsidiaries that have been banned as U.S. government suppliers. Tanium’s Discover module can use these labels to help administrators identify and locate banned devices. The devices can then be targeted for replacement.
For example, Tanium can locate software from Kaspersky Lab in several ways:
Tanium Interact Questions:
- Find installations: Get Installed Applications from all machines
- Find status: Get Kaspersky Client Version and Kaspersky DAT Version and Kaspersky DAT Days Old from all machines with Installed Applications:Name contains Kaspersky
Tanium Data Explorer — use the ADI Software Inventory report to review Installed Applications data, and add a filter for Kaspersky
Tanium Deploy — if a customer is actively managing Kaspersky via Deploy
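The same check can be run offline against an exported software inventory. The following is an added example, not Tanium code and not part of the original article: it matches application names and publishers against the entities named above by whole word, because a plain "contains" match both over-matches and misses white-labeled entries. The CSV column names, host names, sample rows, and one-word match keys are assumptions.

```python
import csv
import io
import re

# Entity names are the ones listed in this article; the one-word match keys
# are assumptions made for this example.
COVERED = {
    "huawei": "Huawei Technologies Co. Ltd.",
    "zte": "ZTE Corp.",
    "hytera": "Hytera Communications Corp.",
    "hikvision": "Hangzhou Hikvision Digital Technology Co.",
    "dahua": "Dahua Technology Co.",
    "aventura": "Aventura Technologies Inc.",
    "kaspersky": "AO Kaspersky Lab",
}

# Constructed sample export; hosts, products and column names are hypothetical.
SAMPLE = """host,name,publisher
ws-014,Kaspersky Endpoint Security,AO Kaspersky Lab
lt-207,KASPERSKY-Total-Security 21.3,
ws-031,Aztec Report Designer,Aztec Software
srv-02,Device Sync Tool,Huawei Technologies Co. Ltd.
ws-044,7-Zip 22.01,Igor Pavlov
"""

def words(text):
    """Lower-case and split on non-alphanumerics so keys match whole words."""
    return set(re.findall(r"[a-z0-9]+", (text or "").lower()))

def substring_hits(csv_text):
    """Naive 'name contains key' match, kept only to show the over-match."""
    rows = csv.DictReader(io.StringIO(csv_text))
    return sorted({r["host"] for r in rows
                   if any(k in r["name"].lower() for k in COVERED)})

def flag_inventory(csv_text):
    """Return (host, application, covered entity) using name and publisher."""
    hits = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        seen = words(row["name"]) | words(row.get("publisher"))
        hits += [(row["host"], row["name"], entity)
                 for key, entity in COVERED.items() if key in seen]
    return sorted(hits)

if __name__ == "__main__":
    print("substring:", substring_hits(SAMPLE))
    for hit in flag_inventory(SAMPLE):
        print(*hit, sep=" | ")
```

On the sample, the substring match flags the unrelated "Aztec" product (it contains "zte") and misses the entry whose only link to a listed company is its publisher field; the whole-word match over both fields avoids both errors.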
Locating service providers
Tanium Reveal can help administrators determine whether their organizations receive services from any of the banned service providers. To do this, Reveal looks inside documents to determine whether the organization is doing business with a banned provider. These documents can include contracts, purchase orders, bills, and provider lists.
While some organizations may rely on manual and static methods to determine whom they do business with, Tanium Reveal can search deeper and in real time to uncover involvements that older methods overlook. Tanium Reveal provides a real-time view inside your documents and assists in satisfying reasonable inquiry requirements.
If you’re a Tanium customer, check out our Community article that guides you step-by-step through identifying and notifying on devices matching those banned from use.
If you need help determining whether your organization is using banned products or services, contact Tanium.