Some 20% of all the hardware bought from China found infected with malware capable of stealing personal details

MPs call for war on technology crime

Microsoft has reportedly discovered an emerging botnet enabled by malware inserted in PC supply chains that can spread through USB flash drives and help criminals infiltrate online bank accounts.

Once connected, the malware carries out distributed denial of service (DDoS) attacks capable of affecting large networks by overloading them with internet traffic.

Leading threat protection company FireEye’s European director Paul Davis said some of the malware was capable of remotely turning on an infected computer’s microphone and video camera, posing a serious cyber espionage issue for consumers and businesses alike.

He added: “If the exploitation of supply chain vulnerabilities should become an emerging trend, it should be taken very seriously indeed, as the impact could be far-reaching, costly and destructive.”

Normally people expect a PC to be secure when it comes out of the box, but this could change given that malware is now being inserted at such an early stage in the product lifecycle.

Davis also pointed out that it is difficult to pinpoint the source of infection given that hardware travels through so many different suppliers during development.

“The only real defence is a holistic, constant and proactive approach to IT security that will plug all security holes, monitor all network activity and stop any intrinsic malware from causing further damage,” he said.