DHS: Imported Consumer Tech Contains Hidden Hacker Attack Tools

[InfoSec News <alerts () infosecnews org>]

http://www.fastcompany.com/1765855/dhs-someones-spiking-our-imported-tech-with-attack-tools

By Neal Ungerleider
Fast Company
July 8, 2011

A top Department of Homeland Security (DHS) official has admitted on the 
record that electronics sold in the U.S. are being preloaded with 
spyware, malware, and security-compromising components by unknown 
foreign parties. In testimony before the House Oversight and Government 
Reform Committee, acting deputy undersecretary of the DHS National 
Protection and Programs Directorate Greg Schaffer told Rep. Jason 
Chaffetz (R-UT) that both Homeland Security and the White House have 
been aware of the threat for quite some time.

When asked by Rep. Chaffetz whether Schaffer was aware of any 
foreign-manufactured software or hardware components that had been 
purposely embedded with security risks, the DHS representative stated 
that “I am aware of instances where that has happened,” after some 
hesitation.

This supply chain security issue essentially means that, somewhere along 
the line, technology being marketed in the United States was either 
compromised or purposely designed to enable cyberattacks.

Schaffer, who has an extensive background in cybersecurity and 
communications infrastructure management, did not elaborate on the 
compromised tech that DHS has encountered. However, he did emphasize 
that foreign components are found in many American-manufactured devices.

[...]

___________________________________________________________
Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery
Network, Cisco Switches, SAS 70 Type II Datacenter.
Find peace of mind, Defend your Critical Infrastructure.
http://www.tegataiphoenix.com/