The China Hack

Recent revelation about the Chinese government helping their manufactures put backdoor on servers or vice versa creates a big concern for all types of industries.  Not only are the servers of apple and amazon affected, but every server and computer that has a motherboard or other computer chip assembled or manufacturer in China!

How about servers for Medical Software?  What if these are being affected?   This post is intended to create some useful thinking along with some solutions to this great threat coming from over seas!

On a recent article by the Bloomberg website called The Big Hack: How China used a tiny chip to infiltrate U.S. companies explains in details how this elaborate hack was pulled off.

In this post I will give a short version of this article and focused more on how it affects the Medical Industry.  But please note that this Chinese hack affects all the industries around the world, including but not limited banking, automotive, aeronautics, etc…

What makes this hack so dangerous and hard to pull off is that it’s not a software hack, it’s a hardware hack were the manufacturing of these motherboards had to be altered and approved.  The good thing, if any good can come out of it, is that it can be traced by manufacturing serial numbers, etc.

There are two main ways of how a hardware hack like this can be done:

  1.  How the CIA, FBI and other agencies have done in the past, intercept the package between the manufacturer and the purchaser.  For example, if you buy a laptop at dell the government agency can intercept your package open it, alter its webcam and microphone…
  2.   How China just did, by actually modifying the motherboard during manufacturing.

How can we prevent or minimize the risk?

Start by buying only new equipment from american companies like dell and HP.  Also physically block your webcam with devices like a webcam privacy cover

If you are concerned about the security in your office get in contact with our office.  We have security experts that can make an assessment on the security of your data.

Medical Computer Networks is an I.T. Consulting firm that focuses on data security.  The best way to keep your data safe is by backing it up correctly.  We offer a complete managed disaster recovery service.

 

 

Other articles related to this story:

 

 

http://www.spiegel.de/international/world/catalog-reveals-nsa-has-back-doors-for-numerous-devices-a-940994.html

 

https://www.wired.com/2013/12/nsa-cisco-huawei-china/

 

 

Making sense of the Supermicro motherboard attack

 

WhatsApp Start Live Chat