Deprecated: Function create_function() is deprecated in /home/hidefide/public_html/blog/wp-content/plugins/wr-pagebuilder/core/core.php on line 127
{"id":125,"date":"2011-07-10T12:25:25","date_gmt":"2011-07-10T12:25:25","guid":{"rendered":"https:\/\/icaruspressblog.wordpress.com\/?p=125"},"modified":"2019-04-17T12:22:18","modified_gmt":"2019-04-17T12:22:18","slug":"u-s-official-admits-imported-computer-tech-is-known-to-be-infected","status":"publish","type":"post","link":"https:\/\/hidefideas.com\/blog\/2011\/07\/10\/u-s-official-admits-imported-computer-tech-is-known-to-be-infected\/","title":{"rendered":"U.S. Official Admits Imported Computer Tech is Known to be Infected"},"content":{"rendered":"

\"523093-borg_large\"<\/strong><\/p>\n

Spam-ready tablets off the shelves? Zombie PCs out of the box? Testifying before U.S. Congress this week, a top official for the Department of Homeland Security said that technology being imported into the country is sometimes known to contain preloaded security threats. The disturbing news leaves us wondering what\u2019s next \u2013 perhaps our credit card numbers automatically being published to Twitter and Facebook when we sign up for an account?<\/p>\n

As if the raging war on spam isn\u2019t bad enough, an ominous moment in U.S. Congress this week should leave an unsettling feeling in anyone who has purchased a PC, tablet, or any other connected device; anyone who worries about the safety of their information, for that matter \u2013 in other words, pretty much everyone.<\/p>\n

Testifying before Congress at the House Oversight and Government Reform Committee this week, Greg Schaffer \u2013the Department of Homeland Security (DHS) Assistant Secretary for Cybersecurity and Communications \u2013 admitted that Homeland Security and the White House are aware that electronics and software imported into and sold in the United States are sometimes pre-installed with malware, spyware, keyloggers, and even the components of botnets. Not only are they aware of these threat-laden devices, various media outlets report, but in fact they have been aware for quite some time.<\/p>\n

Fast Company first reported<\/a> the story on Friday. Schaffer was testifying in a tense exchange between himself and Representative Jason Chaffetz. \u201cWhen asked by Rep. Chaffetz whether Schaffer was aware of any foreign-manufactured software or hardware components that had been purposely embedded with security risks, the DHS representative stated that \u2018I am aware of instances where that has happened,\u2019\u201d but not before a long pause where Schaffer seemingly considered the implications of his answer.<\/p>\n

According to PC World<\/a>, Schaffer didn\u2019t go as far as singling out PCs, tablets, or even DVDs and smart phones. \u201cSchaffer admitted he is aware of instances when foreign-made technology was built with embedded security risks but did not elaborate on what kind of equipment DHS has encountered. He also pointed out that overseas components are found in many domestically manufactured electronics.<\/strong>\u201d [Emphasis added]<\/p>\n

It\u2019s not news that some consumer devices and products have entered the retail world with viruses or other malware. Several years ago, digital picture frames with USB ports were found to be infected, and every so often a piece of software is inadvertently set into the wild with some sort of Trojan or some such malware. What makes this story chilling, however, is Schaffer\u2019s implication that the problem could be far larger than just the odd digital photo frame or errant code in a piece of software. If the malware is actually hard-coded onto a chip \u2013 as opposed to pre-installed on a hard disk drive \u2013 then these chips could be finding their way into everything that has a wired or wireless connection with the Internet. The problem? Hard drives can be wiped. Onboard chips are like taxes \u2013 they\u2019re there for life.<\/p>\n

Neal Ungerleider of Fast Company suggests that something sinister may be at work here, drawing from the White House’s Cyberspace Policy Review<\/a>:<\/p>\n

\u201c[In the review] is a small acknowledgment that the Executive Branch knows something weird is happening in imported tech:<\/p>\n

‘The emergence of new centers for manufacturing, design, and research across the globe raises concerns about the potential for easier subversion of computers and networks through subtle hardware or software manipulations. Counterfeit products have created the most visible supply problems, but few documented examples exist of unambiguous, deliberate subversions…The challenge with supply chain attacks is that a sophisticated adversary might narrowly focus on particular systems and make manipulation virtually impossible to discover.<\/strong>Foreign manufacturing does present easier opportunities for nation-state adversaries to subvert products; however, the same goals could be achieved through the recruitment of key insiders or other espionage activities.’ [Emphasis added]\u201d<\/p>\n

Don\u2019t Panic!<\/strong><\/h2>\n

As disturbingly eerie as this information certainly is, it begs the question: what can we do about it? The answer is readily available. Nothing, at least not as single consumers or even as IT\/IS Managers. Some might decide to throw out all their devices and in a Walden<\/em> <\/em>moment, return to nature, resorting to carrier pigeons and smoke signals to communicate with the outside world; but most of us recognize that technology owns us now, and for good or for bad, better or worse, we like it. Heck, we love it! We refuse to reject technology because, well, how could we? It makes our lives easier. It makes our lives better, at least if you believe the mantras of GE (We Bring Good Things to Life) and LG (Life\u2019s Good).<\/p>\n

Conspiracy Theory<\/strong><\/h2>\n

Assume for a moment that the White House and other governments know far more than they\u2019re saying (not a leap at all). Then assume that detecting and removing these hard-coded security risks not only represents a huge difficulty, but rather a virtual impossibility (not a stretch). Now imagine that the threats represented by this built-in malware could be a mixture of state-sponsored and\/or private interests \u2013 some in it for innocuous concepts like \u2018national security\u2019 and some in it for more tangible returns like money. Finally, imagine if the whole truth got out \u2013 how it would create such a panic that Greece\u2019s finances would seem rock-solid next to what was left of the global economy. No wonder Schaffer took so long to answer.<\/p>\n

As much as it sounds like the stuff that Hollywood is made of, the truth is in there somewhere. If so, then (for all you Star Trek fans) like the Borg, this new threat is lurking and waiting, ready to pounce and assimilate your information, and there\u2019s not a darned thing you \u2013 or anyone else \u2013 can do about it. Come to think of it, spam is<\/em> the equivalent of the Borg \u2013 maybe even a progenitor of the 24th Century race.<\/p>\n

I think I\u2019m going to avoid the rush and post all my personal information on Twitter. I hate waiting.<\/p>\n

 <\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"

Spam-ready tablets off the shelves? Zombie PCs out of the box? Testifying before U.S. Congress this week, a top official for the Department of Homeland… <\/p>\n","protected":false},"author":3,"featured_media":128,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[13,14],"tags":[11,9,10,8,7],"class_list":["post-125","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","category-spam","tag-allspammedup","tag-bot","tag-botnet","tag-malware","tag-spam","jsn-master"],"_links":{"self":[{"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/posts\/125","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/comments?post=125"}],"version-history":[{"count":3,"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/posts\/125\/revisions"}],"predecessor-version":[{"id":1850,"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/posts\/125\/revisions\/1850"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/media\/128"}],"wp:attachment":[{"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/media?parent=125"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/categories?post=125"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/tags?post=125"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}