The ‘hard’ Trojan

An article in ‘Businessweek’ (October 13, 2008), got my attention.  The main article was entitled ‘Dangerous Fakes’ and what the impact of how counterfeit, defective computer components are getting into US warplanes and ships.

Within the article, there was an example given of how counterfeit routers were sold to the US Marine Corp and Air Force. The US based distributors of the counterfeit routers have subsequently been indicted.  Following on from this, the FBI provided a  briefing in which they outlined how counterfeit routers ‘could’ allow foreign agents to disrupt secure networks and ‘weaken cryptographic systems’.  Now, from what I could discern, there was no proof that these routers had been used to compromise any networks: but the point is made and understood.

For the moment, in the world of malware, Trojans are proving to be a popular and effective delivery method for the bad guys.  It is interesting to see, in this example,  the possibility for hardware to be used as the receptacle for the delivery of an exploit or attack. The hardware is the ‘Trojan’ and the threat lurks within. Given the fact, that increasingly, all manner of electronic devices now have some form of storage, processing power and the ability to ‘network’ themselves, then at a conceptual level, we can see the potential security issues.  Now, actual examples of real-life exploits are few and far between, to my knowledge. That being said, the Businessweek article moves the story on one more notch.

Once again, what it does show, is that the search to get branded goods at ‘bargain’ prices does come at some cost.  Notably, security.  As with everything, the lesson has to be: check into the provenance of what you are buying.

October 19, 2008 | Filed Under Security, Technology 

comments

Leave a Reply