Securing Tech Product Supply Chain Is No Easy Task
A supplier of body cams to police agencies is embarrassed when a computer virus is discovered in its products, highlighting the challenges of keeping malware out of software embedded in electronic devices.Malware and spyware are worries for anyone browsing the less-traveled Internet or wondering whether they should open an attachment from an unknown sender. Yet occasionally, the unwanted programs attempt to hitch a ride on other devices. Florida-based network integrator iPower Technologies found one such device. The company, which is creating a video storage system for police departments, connected several manufacturers' body cameras to its computers. Devices from one supplier, Martel Electronics, set off its antivirus systems, iPower said in mid-November. The antivirus scanner flagged Conficker. The 7year-old computer virus had apparently infected multiple cameras from the manufacturer. Conficker can be difficult to eradicate, as evidenced by its longevity seven years after the first variant started spreading. If an unprotected system had connected to the Martel device, it would likely have been infected, stated iPower, which worried that the computer systems of Martel's customers—mainly police departments—may have been infected.
"As the Internet of Things continues to grow into every device we use in our businesses and home lives each day, it becomes even more important that manufactures have stringent security protocols," Jarrett Pavao, president of iPower, said in a statement. "If products are being produced in offshore locations, what responsibilities lie with the manufacturer to guarantee our safety?"