Skip to main content

Imported Software Preloaded with Malware Claims Homeland Security

The US Department of Homeland Security has claimed that some of the imported software and hardware components in the US are affected with malware.

The Cyber Policy Review released by the White House claimed that there was small number of such incidents on record but the threat was pretty much real.

“The challenge with supply chain attacks is that a sophisticated adversary might narrowly focus on particular systems and make manipulation virtually impossible to discover,” the report [PDF (opens in new tab)] read.

“Foreign manufacturing does present easier opportunities for nation-state adversaries to subvert products; however, the same goals could be achieved through the recruitment of key insiders or other espionage activities,” it added.

The deputy undersecretary of the Department of Homeland Security (DHS) National Protection and Programs Directorate GregSchaffer told the House Oversight and Government Reform Committee that he was aware of such attacks that had happened recently.

The US government believes that manufacturers deliberately made their products vulnerable so that the flaw can be used to launch cyber-attacks on the US government, companies and consumers.

The DHS official did not point any fingers but his revelation was clear. Chinese manufacturers made the components that are used to make consumer and enterprise products.

Ravi Mandalla was ITProPortal's Sub Editor (and a contributing writer) for two years from 2011. Based in Ahmedabad, India, Ravi is now the owner and founder of Parity Media Pvt. Ltd., a news and media company, which specializes in online publishing, technology news and analysis, reviews, web site traffic growth, web site UI. Ravi lists his specialist subjects as: Enterprise, IT, Technology, Gadgets, Business, High Net Worth Individuals, Online Publishing, Advertising, Marketing, Social Media, News, Reviews, Audio, Video, and Multi-Media. He has also previously worked as Dy. Manager - IT Security at (n)Code Solutions.