What to Do About Chinese Prepositioned Malware in U.S. Infrastructure
By Branko Terzic
FBI Director Christopher Wray, speaking on February 15, 2024, at the Munich Security Conference, warned that China had “prepositioned” malware in U.S. infrastructure. “What we’re seeing now,” said Wray, “is China’s increasing buildout of offensive weapons within our critical infrastructure, poised to attack whenever Beijing decides the time is right.” The director was informing the world, and the audience back home in the U.S., that Chinese hackers had penetrated the software of U.S. public utilities: electric, natural gas, water, and pipelines.
The fact that the software operating the nation’s infrastructure is susceptible to “hacking” is understood by experts in the field. Eugene Kaspersky, the well-known cyber consultant and founder of Kaspersky Labs, is quoted as saying: “Nowadays, no serious cybersecurity expert can give a 100% protection guarantee. At the current level of information technology development, everything can be ‘hacked’ — the only question is how much effort attackers are willing to expend. Therefore, the only way to avoid an attack is to make it economically unprofitable to potential attackers.”
Cybersecurity experts tell me that the best cybersecurity detection systems quickly identify breaches by hackers and apply mitigation or repairs promptly. However, one recent report indicates that: “In 2023, only one third of breaches were detected by an organization’s own security team or tools—with the global average cost of a data breach at a whopping 4.45 million US dollars.”
However, Kaspersky and other cyber consultants are only correct with respect to “cybersecurity software” approaches. Protection systems based on “HardSec” or hardware-based designs cannot be “hacked” by distant agents whether from China or other locations.
Director Wray’s speech reminded me that my client Q Net Security Inc., a St. Louis-based developer of hardware for cybersecurity applications, has patented cybersecurity hardware that, when installed at infrastructure facilities, can prevent the remote activation of such previously embedded malware. The “malware” may be embedded in a U.S. utility, but with Q Net’s Q Box protection units in place, that malware cannot be activated.
Jeremy O’Driscoll of Q Net explained to me that “The most recent threats on infrastructure reported, including Sandworm's and Volt Typhoon's attacks, are all based on Living Off the Land (LOTL) techniques that require remote command and control. Q-Boxes have been designed and tested to block and report any attempt at the unapproved communications used in remote command and control by foreign or domestic hackers.” The reason for this is that the U.S.-manufactured Q Box units are based on computer chips, and solid-state chips cannot be “hacked” by a software approach.
According to O’Driscoll, when the remote hacker attempts to take any action, that action will be blocked by the Q Box.
For those still skeptical, testing and analysis by the Electric Power Research Institute (EPRI) has verified that Q Box units “remov[e] the ability to receive control signals from an outside source.” If the control signals cannot be received, the malware cannot be activated. It’s as simple as that.
For additional information, see https://qnetsecurity.com/
The Honorable Branko Terzic is a former Commissioner on the U.S. Federal Energy Regulatory Commission and the State of Wisconsin Public Service Commission. In addition to his energy industry experience, he was a U.S. Army Reserve Foreign Area Officer (FAO) for Eastern Europe (1979-1990). He holds a BS in Engineering and an honorary Doctor of Sciences in Engineering (h.c.), both from the University of Wisconsin-Milwaukee.