By firstname.lastname@example.org – July 9, 2011
Department of Homeland Officials acknowledge on Thursday that some foreign-made components in American electronics devices have been found to be pre-design to allow cyber-attacks.
After repeated questioning by Rep. Jason Chaffetz, R-Utah, Schaffer admitted that officials are aware of such tampering. The question of so-called “supply chain” security is controversial, given that many electronic components are manufactured overseas, but it is still unclear how pervasive the problem may be.
“Counterfeit products have created the most visible supply problems, but few documented examples exist of unambiguous, deliberate subversions,” the White House’s Cyberspace Policy Review says.
As corporations send more manufacturing to China the Chinese are putting a little something extra in our electronic devices like “Trojan Chips” that spoofs our security. Vulnerabilities could be introduced in the course of manufacturing equipment or create counterfeit goods. This vulnerability is more dangerous because it’s hardwired into the physical infrastructure. If computer servers and routers that run our internet have these “Trojan Chips” installed all the security measures you throw at it is worthless the back door is wide open.
China and Cybersecurity: Trojan Chips and U.S.–Chinese Relations May 5, 2011
Now imagine these servers and routers installed in our banks, power grids, governments and our phones-communications infrastructure. The country that operates these devices can at anytime confuse them and watch everyone go crazy or just turn them off. If my daughter cannot use her cell phone which is glued to her hand she would go crazy. If somebody can turn off or scramble the routers that control the financial district in lower Manhattan Wall Street would be in shambles and so would the world financial services all over the world.
How can we fight this problem, simple put America back to work we need to do our own manufacturing especially in high technology sector. Before (10 years ago) we controlled the knowledge but other countries like China,Russia and others have stolen the technology and some have a good manufacturing base thanks to US companies and tax payer.
Our government needs to tax and go after the companies that allow profits to come before our country’s citizens safety and security. Despite the risk, the White House plan does not aim to blame specific suppliers. “A broad, holistic approach to risk management is required rather than a wholesale condemnation of foreign products and services,” it recommends.
Schaffer was one of four top administration officials on hand Thursday to testify about the White House policy proposal, which calls for more information-sharing between private industry and government agencies and modifying the Federal Information Security Management Act to require continuous monitoring of government networks.
Ranking member Elijah Cummings, D-Md., voiced concern that the information-sharing provision could open the door to abuse.
“I agree that we should encourage information-sharing between industry and government, but we also have to be careful that personally identifiable information is appropriately protected and shared with the government only when necessary,” Cummings said. Cummins also said “It is important that the official responsible for implementing FISMA [the Federal Information Security Management Act] have the authority to task all civilian departments and agencies with implementation of the federal security standards,”
I love Elijah Cummings, D-Md but FISMA should be the baseline of government cyber security policy. On top of that we need the help of our citizen cyber warriors to step up to the plate and help America. One thing that China does right is it
Nationalize it’s Cyber Groups to help China. We need to do a better job with our hackers like Anonymous and #antisec there are people in those groups that will help our government if we simply ask them. It’s kinda nice to be respected for what you know and do these people have no university degree’s they learn on their own and I respect that. These cyber warrior are our future, so let’s treat them a little better. I may not agree with them on some points but I agree that if you do not protect your users information you need a wake up call to do the legal and right thing and spend the money and protect your customers information (DATA). Hay I hear that there are a lot of people unemployed – put America back to work as Cyber Warrior – America what a wonderful country I love it.