July 12, 2011

Embedded Malware Could Threaten US Cybersecurity

The United States needs to be more cautious of computers and other electronics imports that could be tainted with malicious software, said Representative Jim Langevin on Monday after speaking at a cyber security event in Rhode Island.

Cyber criminals are installing bad codes into components at overseas manufacturing plants, with the intent of using these tools to help them launch cyber attacks against the U.S., Langevin told Reuters after the event.

The problem affects both consumer electronics and corporate technology systems, which can hold classified corporate and government data, he said.

"Corrupting hardware and software is embedded in the supply chain," said Langevin, who co-founded the Congressional Cybersecurity Caucus.

"We have a real challenge on our hands to better secure the supply chain."

Corrupted supply chain components are a growing threat to the nation, particularly in military operations, said cyber security expert Doug White, Director of the Forensics Applied Networking and Security Center at Roger Williams University.

"It's not something that a lot of people have thought about in the past. They should have thought about it," said White during an interview with Reuters.

"What if you went on a battlefield and hit a button and everything stopped working? It's pretty scary stuff," he said.

Langevin and White spoke at a news conference in Providence about a new state program to battle cyber threats -- the Rhode Island Cyber Disruption team.

Langevin, a member of the U.S. House of Representatives committees on Armed Services and Intelligence, is sponsor of the Executive Cyberspace Coordination Act of 2011, which addresses issues such as providing federal government assistance to utilities and other companies that manage critical U.S. infrastructure projects.


On the Net: