Tuesday, July 5, 2011

Dear Scotland Yard, check out your EPROMs

A July 4th article in the U.K. Register reported that Scotland Yard still has no idea why their network "fell over." One paragraph triggered a high-probability hypothesis: EPROM tampering in their printer procurement supply chain.
The MPS had recently acquired a fleet of Canon printing devices and it was thought their addition to the existing infrastructure could be part of the problem, but this has now been discounted, said the spokesman.
If I remember cyber lore correctly, isn't it rumored we substantially brought down the Baghdad air defense system in the first Desert Storm operation with a computer virus slipped into some printer EPROMs? Interestingly, The Register discounted this story on March 10, 2003, but you can't prove a negative (which is why atheists are such an unhappy lot). IMHO, the Register story tracing the history of this "rumor" is highly suspect. Possibly misdirection even.

I've written at length (ie, my January 12, 2011 article on government-reported threats) on supply chain security. Heck, I've even insulted the Chinese (see February 11th of this year).

Which is why my sincere advice to Scotland Yard is, "Check out your printer EPROMs."

No comments:

Post a Comment

Implementation suggestions for THE MORGAN DOCTRINE are most welcome. What are the "Got'chas!"? What questions would some future Cyber Privateering Czar have to answer about this in a Senate confirmation hearing?