What if it just wouldn’t die?
Whenever we think of malware: viruses, Trojans, RATs (remote-access Trojans), etc., we always seem to rest easy that somehow, we can disinfect and eradicate the infection(s) using products that are commercially available antimalware packages.
No longer.
One of the most frightening developments to come out of the recently-concluded Black Hat security confab in Las Vegas was a demo of a backdoor that could be embedded into firmware on the motherboard of a computer, and carry a payload smart enough to hide a copy of itself in other chips when a disinfection is in effect.
Say what now?
People, this doesn’t get any better.
Tom Simonite has a piece in Technology Review where he breaks down the tech demo:
The backdoor tool, dubbed Rakshasa, needs to be installed into the BIOS chip on a PC's motherboard, on which the main processor and other core components are mounted. A computer's BIOS chip contains the first code, known as firmware, which a computer runs when it is powered on to start the process of booting up the operating system. Brossard also found he could hide his malicious code inside chips of other hardware components such as network cards, and have it jump into the BIOS when necessary.
"If someone puts a single rogue firmware on your machine, he basically owns you forever," the hacker, Jonathan Broussard, told an audience of fellow hackers and computer security professionals at Black Hat.
Sheeeez!
Die. Die already!
Go have a read of the entire article, A Computer Infection that Can Never Be Cured.
There’s no other way to spin this: we’re in deep kimchee!
Conclusion
It is way beyond time that our security and military apparatuses start investigating the validity of the firmware in both our weapons and their computing equipment.
Furthermore, it behooves all Western companies to stop and think before committing all their manufacturing to the Far East. If we can show that we are dealing with a concerted, state-sponsored spy-and-theft organ, all credibility would be lost, and the manufacturing and subsequent jobs, would return to our shores.
© 2005-2012, John Obeto for Blackground Media Unlimited