Incident Highlights Supply Chain Management Issues

One of the central worries for cyber security professionals is the issue of supply chain management, namely ensuring that hardware and software produced abroad is not pre-infected with added features to allow future access by a foreign power. This issue was highlighted recently when a California man plead guilty to charges that he sold counterfeit computer chips to the US Navy.

From 2007 to 2009, the man, along with two accomplices, imported chips from China and sold them to the US Navy. The group would re-brand the chips to make them appear to be of better quality or different brands. The group imported over 13,000 chips worth over $140,000.

The incident demonstrates some critical issues cyber security professionals are presently facing. With the globalized market, it is often difficult to ensure that any software or hardware that is produced and purchased abroad has not been tampered with. In this incident, it does not appear that malware was included on the chips. However, the potential for massive data breaches from supply chain problems is one that has no effective redress at present.

You may also be interested in...

DHS Expands CDM Approved Product List With McAfee Data Security Solutions

McAfee's device-to-cloud data protection and threat prevention products are now available on the Department of …

GSA Seeks Cloud-Based Audit, Risk Management Tool

The General Services Administration has issued a request for information on ideas intended for the …

Zscaler Web Gateway Tool Gets FedRAMP Certification; Stephen Kovac Comments

Zscaler has received a Federal Risk and Authorization Management Program certification for its internet security and …