Counterfeit equipment poses continuing threat

Since my testimony and authoring a restricted report for a Congressional Commission back in 2009, I have been very concerned about the threat of malicious circuitry or code within microprocessors. In fact, several of my blog postings have addressed this threat. The year following that testimony the U.S. Navy disclosed that its investigation found that it (the Navy) had purchased 59,000 microchips that were being used in everything from missiles to transponders, which were counterfeits from China. I also covered the introduction of legislation “Combating Military Counterfeits Act of 2011” to reduce this threat.

This week the results of a year-long Congressional investigation were made public. That investigation concluded, based on available classified and unclassified information, that Chinese telecom companies Huawei and ZTE cannot be trusted to be free of influence from Beijing and could be used to undermine the security of the United States. That’s right, this could pose a national cybersecurity threat. The United States is not the only country with these concerns. Earlier this year Australia barred, on national security grounds, Huawei from participating in the $36 billion national broadband network.

The reality is that critical infrastructure providers, the defense industrial base, and our military and intelligence organizations have awakened to the threats posed by a global supply chain. Supply chain risks are many and will not go away. For years now global sourcing has been used as a tool for competitive advantage (i.e., low price provider). Times are changing and now sourcing within the country of use or a trusted partner country likely will be added as a tool for competitive advantage via national security.