
Supply Chain Security Breaches Lead To Pre-Hacked PC Equipment

ESET : 17 September, 2012  (Technical Article)
ESET comments on the revelation that new PC equipment was supplied already hacked from the factory, blaming supply chain security.

In light of the recent story regarding hackers loading viruses onto PCs in the factory, David Harley, senior research fellow, ESET and Mark James, technical team leader, ESET UK made the following comments:

David Harley, senior research fellow, said, “This isn't just a known factory-specific attack like the Rakshasa Proof of Concept attack, but an attack delivered via unsecured supply chains, which means anywhere from the factory that assembled the PC (potentially even before that, if the factory sources components from outside, though I don't know how often PC factories buy in pre-imaged hard disks) to the retailer from whom the customer received it, including wholesalers (and even transport providers, in theory). More often than not, the customer doesn't know much about the origins of the system he buys, let alone the supply chain by which it reaches him.

“Of course, it's possible for a system to be compromised at the factory, and not necessarily deliberately: I remember early in my AV admin days checking a couple of factory-fresh PCs for the IT department I worked in and discovering at first bootup that they were already infected with Michelangelo. Not a big problem for us, but the supplier was mortified. Nowadays, though, it's far more complicated. In this case, the malware is capable of spreading via USB devices, so if an imaged disk wasn't actually protected before it was despatched - as presumably it wasn't - intentional or inadvertent infection would be all too easy.”

Mark James, technical team leader, said, “It seems the logical place to start, if at all possible, from the malware writer's point of view; a lot of "home" users would just un-box and switch on, with Antivirus software typically being one of the later items people consider installing once the machine is up and running, usually expecting it to be preloaded from Day One. If the machine is already infected and talking to the outside world, the end user may be unaware and accept any strange occurrences as "normal for a new machine". Often the end user notices when a new machine becomes "infected and slower", but in this scenario, may not until a specific problem arises. Apart from installing the operating system (OS) yourself and installing a good Antivirus from day one, there is not a lot users can do to protect against this type of abuse and to be honest, this is often beyond the limits of the average home user. I would hope a business environment would have a procedure in place to test new machines for any kind of infection before it was added to the domain or work environment using a good Antivirus program.”

   © 2012 ProSecurityZone.com