Anthony James is vice president at CipherCloud and former CMO at TrapX, whose researchers previously discovered the Chinese-generated Zombie Zero nation‐state sponsored Zero Day attack.
Anthony James, Vice President at CipherCloud and Former CMO at TrapX:
“The accusation that the Chinese are embedding malware and surveillance into standard devices is quite real and based on facts. In 2014 an embedded malware named “Zombie Zero” targeted the shipping and logistics industry. The weaponized malware was delivered into enterprise shipping and logistics environments by a Chinese manufacturer that sold proprietary hardware for terminal scanners (barcode readers) used to inventory items for shipment. The malware was delivered through the Windows embedded XP operating system pre-installed on the hardware at the manufacturer’s location in China. The embedded malware would send information back via a botnet that terminated at the Lanxiang Vocational School purportedly located in the Shangdong province in China.”
“The school was tied to the nefarious Operation Aurora cyber-espionage campaign that hit Google, Adobe, Intel, and many other major US firms a few years earlier. Not-so-amazingly this cyber espionage group was located about one block from the inventory scanner manufacturer in question. So you would buy a new barcode scanner from this manufacturer and magically get a dose of this pre-installed weaponized malware courtesy of Lanxiang Vocational School, a repeat offender proxy for the Chinese government cyber activity.”
“These belligerent nation states are attacking our manufacturers and our supply chain. Nation state-sponsored attacks against the west are ramping up – neither enterprise nor municipal government has the capacity to deal with this type of attack. Respectfully submitted, that may include Amazon, Apple, and other companies that may not have the resources or funds allocated to detecting and eliminating such a sophisticated threat.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.