Resellers represent a potential cyber security risk

Stuart Poole-Robb, chief executive of KCS Group, warns that resellers could be an increasing target for cyber criminals

Resellers in the IT industry are coming under increasing scrutiny from a security standpoint as cyber criminals and foreign governments gear up for malware attacks this winter.

With the UK now a top target for the increasingly sophisticated varieties of malware being aimed at corporate IT systems, resellers are an obvious entry point for cyber criminals bent on financial fraud and cyber spies trying to steal corporate business plans or new product designs.

When corporations, no matter what their size, enter into partnerships or other close relationships such as those with IT resellers, they implicitly agree to open up their IT systems to a third party. Whilst reputable resellers and their executives should have only their clients' best interests at heart, resellers may unwittingly be used as a conduit for malware.

Pirated software coming pre-installed on equipment bought from foreign resellers has been recognised as an industry problem for some time. Two years ago, Microsoft launched infringement proceedings against nine resellers in China who had installed pirated software in PCs from Lenovo. Hewlett Packard, Dell and Acer. This was part of a blitz conducted by Microsoft on Asian resellers making a practice of pre-installing pirated versions of its Windows operating system on new computers.

But over the last two years, cyber crime and cyber espionage have both mushroomed to an extent where pirated software not only comprises copyrighted code but also frequently includes a nasty surprise in the form of malware. Earlier this year, researchers identified a piece of malware known as Zombie Zero. This was designed specifically for the Windows XP operating system. Although officially obsolete, the OS is still in widespread use by many firms, including those deploying ATM cash machines. The malware was created to recognise financial data and rely it to the cyber criminals.

The problem is widespread. According to research conducted by IDC in 2012 revealed the staggering statistic that at least a third of all PC software is counterfeit, endangering the security of the user.

Since then, governments across the world have been increasingly active in the field of cyber espionage. China has proven to be especially adept at spying on Western organisations and is know to have literally regiments of hackers as part of its military. While it is widely know that China's state sponsored cyber spies target foreign governments such as the US and the UK, it is less commonly grasped that they are also extremely active in monitoring and copying all kinds of data from ordinary companies. In an effort to play catch up with Western technology, China routinely supplies its manufacturers with the latest product designs and other key intellectual property stolen from the IT systems of Western organisations.

What many companies have yet to grasp is that, even if their own products and services are fairly traditional and far from cutting-edge, their IT systems may still be targeted by foreign powers. In the increasingly complex cyber chains that link modern businesses to one another, malware initially installed on the IT system of a company with little to safeguard can be used to hack into the servers of a partner or client company.

Given the rapidly escalating level of malware attacks such as that which recently compromised 76 million JP Morgan accounts and the highly publicised Home Depot hack, companies of all sizes need to tighten ensure their IT defences keep pace.

Even when dealing with known supply chain partners such as trusted resellers, companies should still be wary of pre-installed malware which may be sitting secretly on their systems, potentially compromising their financial data and intellectual property while also damaging their relationship with partner companies, suppliers and clients.

The only solution is for all organisations to ensure that modern sober security procedures are fully in place while dealing with third parties such as service providers and IT resellers. Rather than relying on traditional anti-virus products, organisations must deploy more pro-active security software capable of discovering malware that is already sitting on their systems.

Stuart Poole-Robb is chief executive and founder of strategic intelligence and risk company, KCS Group.


Read more on Threat Management Solutions and Services