DHS: Imported Gadgets Possibly Include Malicious SoftwarePosted: July 12, 2011 9:32 am
By: InfoSec News - Information Security
DHS: Imported Gadgets Possibly Include Malicious Software
By: Chloe Albanesius | 11th July 2011
A Homeland Security official confirmed last week that tech components imported from overseas, many of which end up in some of the most popular American gadgets, are often infected with malicious software.
“This is one of the most complicated and difficult challenges that we have,” Greg Schaffer, acting deputy undersecretary at DHS’ National Protection and Programs Directorate, said during a Thursday hearing.
Schaffer was responding to questions from Rep. Jason Chaffetz of Utah, chairman of the House Oversight Subcommittee on National Security, Homeland Defense and Foreign Operations.
“Clearly, supply chain risk management is an issue that the administration is focused on,” Schaffer said when asked how the U.S. was battling this problem. When pressed for details, Schaffer was reluctant to expand except to say, “I am aware that there have been instances where that has happened.”
“The range of issues goes to the fact that there are foreign components in many U.S. manufactured devices,” Schaffer continued. “There is a task force that DHS and DOD co-chair to look at these issues with goals to identify short-term mitigation strategies and to also make sure that we have capability for maintaining U.S. manufacturing capability over the long term.”
Chaffetz expressed concern that the private sector was not in the loop with what the government was doing on this issue, but Schaffer insisted that DHS does indeed consult its private-sector partners.
Full story here: DHS: Imported Gadgets Possibly Include Malicious Software
Research by: Shanil Prasad