Israel reportedly behind discovery of Russian antivirus company’s spy links

Computer hacking

 

Israeli spy services were reportedly behind the United States government’s recent decision to purge Kaspersky Lab antivirus software from its computers, citing possible collusion with Russian intelligence. Last month, the US Department of Homeland Security issued a directive ordering that all government computers should be free of software products designed by Kaspersky Lab. Formed in the late 1990s by Russian cybersecurity expert Eugene Kaspersky, the multinational antivirus software provider operates out of Moscow but is technically based in the United Kingdom. Its antivirus and cybersecurity products are installed on tens of millions of computers around the world, including computers belonging to government agencies in the US and elsewhere. But last month’s memorandum by the US government’s domestic security arm alarmed the cybersecurity community by alleging direct operational links between the antivirus company and the Kremlin. Continue reading

Security backdoor found in China-made US military chip

As discussed in numerous previous posts, China (and Russia) has made it known that they can toy with our electrical grid, nuclear deterrent, water/sewage systems via SCADAs, infiltrate government and military computers at will and pop nuclear submarines up in the middle of US Navy exercises… undetected. The “manchurian microchip” is nothing new, but this nevertheless adds credibility to how dire the situation is — yet the public is too busy paying attention the non-news of the day in ‘keeping up’ with the Kardashians. The implanting of such devices is no accident as it takes time and technological know-how, thus readers should take caution when whitewashing attempts continuously downplay the threat as evidenced in this article. This has gone on for decades and sooner rather than later America might see itself hit with One Clenched Fist. Sleep tight.

A microchip used by the US military and manufactured in China contains a secret “backdoor” that means it can be shut off or reprogrammed without the user knowing, according to researchers at Cambridge University’s Computing Laboratory.

The discovery was made during testing of a new technique to extract the encryption key from chips, developed by Cambridge spin-off Quo Vadis Labs. The “bug” is in the actual chip itself, Skorobogatov wrote, rather than the firmware installed on the devices that use it, meaning there is no way to fix it than to replace the chip altogether.

“The discovery of a backdoor in a military grade chip raises some serious questions about hardware assurance in the semiconductor industry,” wrote Skorobogatov.

However, Robert Graham, of US security consultancy Errata Security, wrote yesterday that the backdoor is unlikely to have been added maliciously. He claims that the entry route discovered by Skorobogotov is likely to be a debugging tool deliberately installed by the manufacturer.

“It’s remotely possible that the Chinese manufacturer added the functionality, but highly improbable. It’s prohibitively difficult to change a chip design to add functionality of this complexity.”

He also questioned the description of the chip as “military grade”. “The military uses a lot of commercial, off-the-shelf products. That doesn’t mean there is anything special about it.”

Graham writes that the backdoor could pose a security threat, however. “It not only allows the original manufacturer to steal intellectual-property, but any other secrets you tried to protect with the original [encryption] key.”

Full article: Security backdoor found in China-made US military chip (Information Age)