Malicious firmware designed into PC components may be next front in cyberwar

DHS acknowledges potential for malicious firmware in IT components built overseas


One of the top honchos in Homeland Security admitted to Congress something everyone who has ever done time in IT support knows: Gadgets other employees bring in from home are trouble.

Some come with a lot of empty space that could be filled up with valuable company information, for those who are into corporate espionage.

Others – mainly for those who are almost as computer savvy as they think they are – install drivers that can corrupt a workstation so completely it will eventually either go Sith or have to be buried at a crossroads with a stake through its heart. (Which it is depends on whether the user is more Geek or more Goth.)

Viruses, Trojan horses and other malware can also filter in, if IT didn't prepare for Bring Your Own Computer by adding dynamic scanning and policies that bar new devices from connecting to the network unless they've been scanned or approved.

The problem is a lot worse than that, though. Those things are just troublesome.

Some devices manufactured overseas and shipped here contain well-concealed bits of malware designed not for mischief, but for espionage, according to testimony given recently to a House security subcommittee by Greg Schaffer, acting deputy undersecretary of the DHS National Protection and Programs Directorate (the length of whose title has, all by itself, caused productivity to decline in his division among government workers who have to type or say it).

The number of electronic devices and components built overseas – often by companies in countries none-too-favorably inclined toward the U.S. – means potential enemies have unrestricted access to smart devices that are hand-carried through even tight IT security barriers by users who have no idea they're carrying sophisticated agents intent on espionage.

It apparently doesn't happen that often, but it does happen, according to testimony buried in the White House's Cyberspace Policy Review.

Some of the purposely infected devices were counterfeits slipped into the supply chain without the manufacturer's knowledge; others were "unambiguous, deliberate subversions" of legitimate products embedded with malware designed for espionage.
