Written testimony from Robotron’s Erich Mielke for tomorrow’s
joint Homeland Security Committee hearing claims that the Chinese manufacturer
of the Wi-Fi module in the Robotron SicherheitsKontrolle reported that the
backdoor account in that module, which ECS-CERT described as a 0-day
vulnerability, was actually mandated by the security services of the Chinese
government for all Wi-Fi devices manufactured in that country.
That 0-day vulnerability has been identified as one of the
keys to the cyberattack on Bleichen Chemical Company last week that resulted in
a major chlorine release and twelve deaths.
Dragonfire’s Dade Murphy confirmed that his company has seen
similar backdoors in a number of Wi-Fi systems, but could not confirm that this
was a requirement by any government organization. He did admit that backdoors
in such systems would make it easier for the government to maintain surveillance
on dissidents who are routinely labeled as ‘criminal elements’ in that
country. He did report that vendors have reported removing most of the Wi-Fi
backdoors reported to ECS-CERT, and that the company’s researchers have
confirmed this in most instances.
Ānquán Xìngchà, the Chinese equipment supplier used by
Robotron for all of their Wi-Fi devices, would not publicly comment on Robotron’s
claims. They did explain that they are prohibited by Chinese regulations from
discussing any cybersecurity requirements mandated by the government or even
describing what those requirements were.
Johnathan Quest, a Federal Bureau of Inquiry spokesman,
reported that the FBI does not have any new information on the vulnerability,
but they are investigating possible links between the Students for Immediate
Neutralization of Chlorine Technology and Energy Reversion (SFINCTER), who
claimed responsibility for the attack last week, and Chinese environmental dissident
organizations. It is possible, Quest said, that the 0-day information could
have been transmitted through that link to Stasi Ehemalige, the German hacking
collective that was apparently responsible for the technical aspects of the
cyberattack.
Immanuel C. Securitage from ECS-CERT confirmed that the
organization was continuing to coordinate with Robotron and their affected
suppliers to resolve the vulnerabilities that have been identified in the
Bleichen investigation. He assured reporters today that ECS-CERT was not having
any problems with any of the vendors involved beyond some unexpected language
issues.
William Henry Lee III, the Mayor of Delano, GA, announced
today two additional deaths from chlorine exposure from last week’s attack. He
was also able to announce a decline in the number of people still hospitalized
from injuries related to the incident and that doctors were reportedly
optimistic that there would be no more near-term deaths to report.
There are unconfirmed reports from at least one committee
staffer that there are issues with the electronic lockout-tagout (eLOTO) legislation
crafted by Rep. Watts (R,GA) that may interfere with its consideration at
tomorrow’s hearing. Apparently, the language in the bill requiring encryption
of all communications to and within the eLOTO systems included requirements for
encryption backdoors to allow for law enforcement and regulatory agency reviews
of the data within the systems in the event of incidents such as the Bleichen
attack. This is getting embroiled in the ongoing congressional discussion about
encryption backdoors and may derail quick consideration of the bill.