DHS Admits Gadgets May Be Loaded with Malicious Code

Sue Marquette Poremba
Slide Show

Five Places Where Malware Hides

Malware has to live somewhere. And while some Web filtering solutions can detect known malware hosts, most malware hides in sites that are otherwise benign.

I've heard stories for, oh gosh, at least a year, maybe longer, about foreign-made gadgets being pre-loaded with malware. To be honest, I haven't used a USB memory stick in I don't know how long because of this concern.


That in mind, I'm not sure if I'm relieved or angry that the Department of Homeland Security (DHS) is just now getting around to telling us that the government has been aware of this threat for some time. According to an article on PCWorld:

Greg Schaffer, DHS assistant secretary for cybersecurity and communications ... admitted he is aware of instances when foreign-made technology was built with embedded security risks but did not elaborate on what kind of equipment DHS has encountered. He also pointed out that overseas components are found in many domestically manufactured electronics.

This revelation came as Schaffer testified to the House Oversight and Government Reform Committee. It also comes six months after a January U.S.-China Economic and Security Review Commission staff report that stated that concerns about tampering with hardware was theoretical.


ABC News reported earlier on an FBI investigation that looks at whether or not counterfeit routers and other hardware coming from China and installed on U.S. government computers were actually providing an opening for hackers. The ABC News article said:

Sources told ABC News the counterfeit hardware could represent a major breach to national security. An FBI PowerPoint presentation, which somehow ended up on a Web site, lays out the concerns and the breadth of what has been a far-reaching investigation.

According to msnbc.com, Schaffer didn't say specifically what types of electronic components and hardware were problematic. The article stated:

Schaffer didn't say whether the equipment he was talking about included end-user consumer tech like retail laptops, DVDs and media players. If so, his comments, first reported Friday morning by Fast Company, would be the first time the United States has publicly confirmed that foreign consumer technology is arriving in the country already loaded with nasty bugs like key-logging software, botnet components and even software designed to defeat security programs installed on the same machine.

Add Comment      Leave a comment on this blog post

Post a comment





(Maximum characters: 1200). You have 1200 characters left.




Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.