Dell revamps hardware testing in wake of malware issue

Company has added 16 additional steps to weed out hardware issues

A sequence of errors led to Dell's delivery of motherboards with malware and the company is in the process of overhauling its testing process to resolve issues before dispatching hardware to customers, it said on Thursday.

Dell on Wednesday said that some replacement motherboards for PowerEdge servers may have contained the W32.Spybot worm in flash storage. The malware issue affected a limited number of replacement motherboards in four servers, the PowerEdge R310, PowerEdge R410, PowerEdge R510 and PowerEdge T410 models, the company said.

"There was a sequence of human errors that led to the issue, That being said, we have identified and implemented 16 additional process steps to make sure this doesn't happen again," said Dell spokesman Jim Hahn.

Hahn did not provide additional details on the steps being added to track and resolve such issues. But he said that all affected motherboards had been removed from the service supply chain. Current antivirus software with updated signatures would flag the malware's presence and users would have to be running an unpatched version of Windows 2008 or an earlier version of the OS.

A Dell quality management specialist wrote in an e-mail that the code was accidentally introduced during the manufacturing process of the server motherboards. The code was detected on the embedded server management firmware during internal testing by Dell.

Motherboards come with flash storage -- typically NOR flash -- that stores the BIOS, which provides the instructions to boot the system, said Gregory Wong, president of Forward Insights. Flash is a nonvolatile form of memory that can retain data even after a computer is shut down.

Flash on motherboards are susceptible to the same kind of malware infections that USB flash devices are prone to, said Simha Sethumadhavan, assistant professor of computer science at Columbia University. This incident shows how hardware, either flash or a processor, if hacked, can be used as a way to transmit malware.

"All software runs on hardware. If the processor is hacked then it can subvert all software countermeasures. Since hardware is the root of trust, attacks on hardware are potentially more dangerous," Sethumadhavan said.

Motherboards also could have solid-state drive units for data storage, said Jim Handy, director at Objective Analysis, a semiconductor research company. But instructions to start a system originate from a NOR flash chip, which would also imply that the malware is "pretty small," Handy said.

"This flash is the one that holds your BIOS and it can be updated online. If proper security precautions are not in place, the flash chip is every bit as capable of containing a piece of malware as is the hard-disk drive," Handy said.

Columbia's Computer Science Department uses Dell PowerEdge R410, but was not affected by the issue, said Daisy Nguyen, IT director for the computer science department at Columbia University. Nguyen said Dell offers competent products and the malware issue won't affect the department's decision to purchase products from the company.

"Dell immediately admitted to the problem," Nguyen said. The company also moved quickly to resolve the issue, she said.

Nguyen said that Dell has agreed to try and send some samples of the motherboards with malware so the university can research the issue as part of an investigation into securing hardware systems.

Join the PC World newsletter!

Error: Please check your email address.

Tags LinuxDrivesserversstoragehardware systemsComponentsnon-Windowsoperating systemsmalwareMotherboardsColumbia UniversityDellsecurity

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Agam Shah

IDG News Service
Show Comments

Most Popular Reviews

Latest News Articles

Resources

PCW Evaluation Team

Azadeh Williams

HP OfficeJet Pro 8730

A smarter way to print for busy small business owners, combining speedy printing with scanning and copying, making it easier to produce high quality documents and images at a touch of a button.

Andrew Grant

HP OfficeJet Pro 8730

I've had a multifunction printer in the office going on 10 years now. It was a neat bit of kit back in the day -- print, copy, scan, fax -- when printing over WiFi felt a bit like magic. It’s seen better days though and an upgrade’s well overdue. This HP OfficeJet Pro 8730 looks like it ticks all the same boxes: print, copy, scan, and fax. (Really? Does anyone fax anything any more? I guess it's good to know the facility’s there, just in case.) Printing over WiFi is more-or- less standard these days.

Ed Dawson

HP OfficeJet Pro 8730

As a freelance writer who is always on the go, I like my technology to be both efficient and effective so I can do my job well. The HP OfficeJet Pro 8730 Inkjet Printer ticks all the boxes in terms of form factor, performance and user interface.

Michael Hargreaves

Windows 10 for Business / Dell XPS 13

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Aysha Strobbe

Windows 10 / HP Spectre x360

Ultimately, I think the Windows 10 environment is excellent for me as it caters for so many different uses. The inclusion of the Xbox app is also great for when you need some downtime too!

Mark Escubio

Windows 10 / Lenovo Yoga 910

For me, the Xbox Play Anywhere is a great new feature as it allows you to play your current Xbox games with higher resolutions and better graphics without forking out extra cash for another copy. Although available titles are still scarce, but I’m sure it will grow in time.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?