Thursday, July 14, 2011

Right to know about cyber threats imported in devices

Software often bears wormy malware, spyware in Trojan horse devices - Department of Homeland Security

(Watch DHS official squirm as Congressman pins him down about malicious worms imported with cyber devices and software – the exchange is at 51:47 on this government video)



Washington – A top Homeland Security official confirmed for the first time in Congressional hearings that cyber devices and software imported for consumer use is often infected with wormy malware and spyware.

Greg Shaffer, Department of Homeland Security acting deputy undersecretary for national protection and programs, hemmed and hawed around until Rep. Jason Chaffetz, R- Utah, made him answer his original question asking if “the issue of software infrastructure hardware built overseas with items embeded in them already by the time they get to the United Sates...poses, obviously, security and intellection property risks.”

The question came in a House Oversight and Government Reform Committee hearing to consider tightening security controls on imported cyberware such as key-logging software, botnet components and software designed to defeat security programs installed on the same machine.”

When the official continued to resist answering his question, Mr. Chaffetz finally said he was well aware that further stalling could see his 5-minute time limit expire. He demanded a yes or no answer, saying, “Are you aware of any component software (or) hardware coming to the United States of America that already have security risks embedded into those components?”

Mr. Shaffer paused for a protracted period and, tight-jawed, said “I am aware that there have been instances where that has happened.”

The matter was first reported in Fast Company last week.

In opening remarks, Committee Chairman Darren Issa, R-Ca, said that the taxpayers have a "right to know" if their government is spending their money wisely to protect them from threats originating beyond our borders, or if government is serving as a partner for corporate interests not necessarily so protective of the citizenry. The inquiries are in support of a move by the Obama Administration to craft legislation designed to minimize the risks attendant therein.

No comments:

Post a Comment