By William Jackson
A congressional intelligence panel recommends that “the United States should view with suspicion the continued penetration of the U.S. telecommunications market by Chinese telecommunications companies,” and a recent report on emerging threats identifies supply chain security as a growing concern.
But the report from the Georgia Tech Information Security Center and Georgia Tech Research Institute also characterizes supply chain threats as “hard to detect, expensive to fix, and a policy nightmare,” with few good solutions.
Supply chain threats involve the inclusion of back doors, malicious code or other flawed hardware, software or firmware in products; and the threats can occur anywhere along the line, from developers and manufacturers to vendors and integrators. They can include substandard or illegal counterfeit goods as well as maliciously designed products that can allow unauthorized access to sensitive systems, including critical infrastructure in our nation’s private sector, civilian government and military.