Hacked from China: Is your kettle spying on you?
(MoneyWatch) In a world where the National Security Agency allegedly monitored the phones of several world leaders and broke into data centers of Google (GOOG) and Yahoo (YHOO), it is easy to forget the more mundane ways consumer privacy is at risk. Like via your iron or kettle.
According to a report on state-owned TV in Russia (via the BBC), ensuring crisp creases has apparently become a new way for cyber criminals to attack computers. Some irons imported from China allegedly showed evidence of including wireless spy chips that could connect to unprotected Wi-Fi networks and spread viruses. And tech blog The Register notes that reportedly chips were also found in kettles.
The Russian news agency Rosbalt reported that a few dozen products were at retailers in St. Petersburg. The spy chips had infiltrated some company networks, using them to send spam.
It sounds like a spy thriller spoof, but this is hardly the first time Chinese products were reported infested with ways for someone to break into systems. There was the report last year that a researcher found a so-called back door in a military-grade computer chip, meaning that someone could, from anywhere, get ready access to the chip and, through it, connected systems.
If military-grade products can be compromised, consumer products can be as well. Former U.S. counter-terrorism head Richard Clarke says that any electronics product made in China is potentially vulnerable. Many parts are counterfeits with no control by manufacturers over how they're designed and built, and Clarke wonders whether "real" parts from China could also be compromised. (Other security researchers disputed whether the backdoors were added by China or even intentionally malicious. Backdoors are sometimes added by manufacturers as mechanisms for testing and support, although they still add a vulnerability.)
There have been cases where suspected hacking from China paralleled Chinese military interests, again raising suspicion that the government is either directly or indirectly involved with both military and industrial espionage.
But given the vast number of products made in China and the increasing percentage of items that included chips of some sort, the potential for problems could be disturbing. One step, as CBS MoneyWatch's Dave Johnson recently noted, is to turn encryption on for all your wireless networks. That locks out any device that doesn't know the password.
Of course, that wouldn't necessarily help block a new computer "super virus" that seems to infect computers even without a network connection, according to an Ars Technica report. The original discovery was by a highly-respected security researcher and no one is sure how it works, other than possibly using high-frequency sound emitted by the speaker of an infected computer and received by the microphone of the target. Could an infected household appliance include a tiny speaker that might broadcast such a sound? Certainly.
Pencil and paper, anyone?