Imported PCs Infected with Malware, Viruses in New Wave of Cyberattacks

By Erin Harrison July 11, 2011

Nearly two years ago, the White House warned Congress that some software and hardware components being imported into the U.S. are deliberately being infected with spyware and malware – but we’re only hearing about it now.

The Cyberspace Policy Review, first issued in 2009 by the Obama administration concedes, “The nation’s approach to cybersecurity over the past 15 years has failed to keep pace with the threat.”

Yet, the so-called warning was buried in the official report, which said so-called counterfeit products “have created the most obvious supply problems, but few documented examples exist of unambiguous, deliberate subversions.”

“The challenge with supply chain attacks is that a sophisticated adversary might narrowly focus on particular systems and make manipulation virtually impossible to discover. Foreign manufacturing does present easier opportunities for nation-state adversaries to subvert products; however, the same goals could be achieved through the recruitment of key insiders or other espionage activities,” the report said.

But wait, it gets worse.

Since the report was published, Acting Deputy Undersecretary of the Department of Homeland Security (DHS) National Protection and Programs Directorate Greg Schaffer told the House Oversight and Government Reform Committee that he has uncovered “specific occasions” when such potential “espionage” activity has occurred, TG Daily reported.

And yet, it gets worse.

IT Blogwatch reports that Schaffer recently testified that the threat has been on Obama’s radar for some time.

“[I]n testimony before the House Oversight and Government Reform Committee...Greg Schaffer [said] Homeland Security and the White House have been aware of the threat for quite some time. .. This supply chain security issue essentially means being marketed in the United States was either compromised or purposely designed to enable cyberattacks,” the Computerworld blog round-up says.

When the report hit the desks of legislators nearly two years ago, White House officials asserted the U.S. “needs to develop a strategy designed to shape the international environment and bring like-minded nations together on a host of issues, including acceptable norms regarding territorial jurisdiction, sovereign responsibility and use of force.”

Perhaps the focus now should not be on these “specific occasions,” but more so on the strategy the U.S. still lacks two years after this report was filed.

Erin Harrison is Executive Editor, Strategic Initiatives, for TMC, where she oversees the company's strategic editorial initiatives, including the launch of several new print and online initiatives. She plays an active role in the print publications and TechZone360, covering IP communications, information technology and other related topics. To read more of Erin's articles, please visit her columnist page.

Executive Editor, Strategic Initiatives

Related Articles

6 Challenges of 5G, and the 9 Pillars of Assurance Strategy

By: Special Guest    9/17/2018

To make 5G possible, everything will change. The 5G network will involve new antennas and chipsets, new architectures, new KPIs, new vendors, cloud di…

Read More

Putting the Flow into Workflow, Paessler and Briefery Help Businesses Operate Better

By: Cynthia S. Artin    9/14/2018

The digital transformation of business is generating a lot of value, through more automation, more intelligence, and ultimately more efficiency.

Read More

From Mainframe to Open Frameworks, Linux Foundation Fuels Up with Rocket Software

By: Special Guest    9/6/2018

Last week, at the Open Source Summit, hosted by The Linux Foundation, the Open Mainframe Project gave birth to Zowe, introduced a new open source soft…

Read More

Unified Office Takes a Trip to the Dentist Office

By: Cynthia S. Artin    9/6/2018

Not many of us love going to see the dentist, and one company working across unified voice, productivity and even IoT systems is out to make the exper…

Read More

AIOps Outfit Moogsoft Launches Observe

By: Paula Bernier    8/30/2018

Moogsoft Observe advances the capabilities of AIOps to help IT teams better manage their services and applications in the face of a massive proliferat…

Read More