Tuesday, May 28, 2013

Blue Coat Systems - Having the Blues over Syria Again

Just when you thought, it was over. More Blue Coat Systems proxy servers appear to be in Syria. Not a good may for Blue Coat COO and president David Murphy.  This technology is forbidden to be sold into the country.  This was conveniently ignored by a rogue reseller in 2011.    

In a statement made in December 2011 by Blue Coat  after a number of Blue Coat servers were discovered to being used by the Syrian government  – “We don’t want our products to be used by the government of Syria or any other country embargoed by the United States.  If our review of the facts about this diversion presents solutions that enable us to better protect against future illegal and unwanted diversion of our products, we intend to take steps to implement them.”

Fast forward to March, 2013.  Advocacy group Reporters Without Borders named Blue Coat Systems (now a private company held by Thoma Bravo) as among the "corporate enemies of the internet".  They stated that Blue Coat was among five companies whose equipment has been used for surveillance and censorship by "authoritarian regimes."

On March 23, a group of computer hackers known as Telecomix released data it says show that 34 devices manufactured by California-based Blue Coat Systems Inc. were being employed by Syrian telecom operators.

In April, Blue Coat issued a statement  acknowledging that Dubai-based Computerlinks ZFCO has been penalized for the “unlawful diversion of Blue Coat ProxySG appliances to Syria” in 2011. Blue Coat also said that  have  taken additional steps to guard against future diversions of its products by third parties and that they have built up their compliance program.  All good, then, until April.

On May 23, group computer hackers known as Telecomix released a report stating  that 34 Blue Coat System devices were being used by the Syrian government, despite the US embargo.

Steps against “unwanted diversion” may need to be strengthened.  Enforcement is difficult for Blue Coat and other security vendors.It isn't a necessary evil. It's necessary.   They rely on a network of resellers to sell their products, and unfortunately, some of them do go rogue.  Fortunately, Blue Coat and others can and do try to prevent these systems from being upgraded and receiving any update files. 

No comments: