Homeland Security warns of China software threat

Summary:The Department of Homeland Security has issued a warning after a security researcher discovered software from a Chinese company contained bugs which hackers could exploit to launch attacks on critical infrastructure including utilities.

The U.S. Department of Homeland Security (DHS) has issued a warning after a security researcher discovered software from a Chinese company contained bugs which hackers could exploit to launch attacks on critical infrastructure including utilities, Reuters reported.

The newswire wrote Friday that the DHS' Industrial Control Systems Cyber Emergency Response Team cautioned organizations against products from Beijing-based Sunway ForceControl Technology, which are said to be widely used in China to run infrastructure systems and to a lesser extent in other countries including the United States.

The vulnerabilities were discovered by Dillon Beresford, a researcher with private security firm NSS Labs, who told Reuters that hackers could leverage the flaws to "cause destruction". Beresford acknowledged that Sunway had come up with software patches to plug the holes but pointed out that it could take customers months to install the patches, which would present hackers a "window of time in which to exploit those vulnerabilities".

For more on this story, read US warns China software risk to public infrastructure on ZDNet Asia.

Topics: IT Employment, China, CXO, Security, Software

About

Jamie Yap covers the compelling and sometimes convoluted cross-section of IT and homo sapiens, which really refers to technology careers, startups, Internet, social media, mobile tech, and privacy stickles. She has interviewed suit-wearing C-level executives from major corporations as well as jeans-wearing entrepreneurs of startups. Prior... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.