The reason why SRI or STS will be exempted from the application of the law that prohibits the use of Kaspersky antivirus and other Russian IT solutions in public institutions is to allow these institutions to test and exploit the vulnerabilities of these programs in the interests of national security, the Minister of Digitalization claims Sebastian Burduha.
Government adopted this month The bill bans government agencies from using or buying Kaspersky antivirus and other IT solutions in Russia, and removes Russian software from public sector computers for a certain period of time. Otherwise, they face a fine of 50,000 to 200,000 lei.
The bill is motivated by Russia’s invasion of Ukraine and the fact that there is a risk that Russia could use this software for a cyber attack.
On the other hand, the provision of this project exempts from the application of the future law precisely those institutions that should deal with the cyber security of the state:
Article 1
- (4) The purpose of this law is to prevent and counter cyber threats created by state and non-state actors on communication infrastructures and information technologies that are critical to national security.
- (5) The provisions of this law do not apply authorities and state institutions with their own powers in the field of national security, cyber security, national defense and public order.
VIEW THE DRAFT LAW AND THE FUND HERE
Although not specified, it is likely that institutions such as the Romanian Information Service (SRI), which plays a role in cyber security, or the Special Telecommunications Service, which ensures the communication security of major central government agencies, the National Cyber Security Directorate (DNSC) will come in here. as well as other defense or public order agencies.
Minister Burduja: The programs will be used only for the purpose of testing and exploiting certain vulnerabilities
HotNews.ro requested an explanation of this situation from the Minister of Digitalization, Sebastian Burduzhi, during the government’s press briefing on Thursday evening.
- “The project went through a long process of interagency approval, including in the national security agencies, and this was one of the comments received. The details I can provide you are related to the fact that these decisions can be verified by these institutions and used to protect Romania’s national security interests.
- It is not about using them effectively at the level of the average user, but simply about having access to them to be able to test and use them,” Digitalization Minister Sebastien Bourduilla said in government on Thursday.
Asked by HotNews.ro whether these institutions, which have a large number of employees, computers and IT systems, will still be able to use these IT solutions from Russia, the minister said:
- “I repeat, only for the purpose of testing these applications and exploiting certain vulnerabilities of these applications. So I think you would also like national security organizations to be able to identify vulnerabilities in certain decisions in the Russian Federation and act accordingly,” Sebastian Bourduya said.
During the press briefing, government spokesman Dan Carbonaro also intervened, stating that “those who are involved in the protection of IT systems inevitably, by the nature of their work, face these situations, and then certain terminals. with which these situations are managed, they inevitably have contact with them.”
- “So we’re not talking about a legal framework that would allow those institutions that you mentioned to use these kinds of IT solutions on a large scale,” Dan told Karbunaru.
The bill, however, does not mention the fact that Russian IT applications will only be tested on certain terminals and, as it is currently worded, will allow the continued use of Russian antivirus where it is already purchased and installed.
The Minister of Digitalization wanted to emphasize that the draft law can now be submitted to the parliament.
- “I explained to you why it cannot be completely abandoned, precisely in order to better protect us, that is the point. But the law is under parliamentary debate, so amendments may be formulated to the extent that fellow MPs and senators deem necessary,” Minister Sebastian Bourduya also noted.
Read more: The law banning Kaspersky antivirus and other Russian IT solutions in public institutions is under consideration by the government. DRI and DPS exempted from obligations
Photo source: Dreamstime.com
Source: Hot News RO
Robert is an experienced journalist who has been covering the automobile industry for over a decade. He has a deep understanding of the latest technologies and trends in the industry and is known for his thorough and in-depth reporting.