Opinion | Every Part of the Supply Chain Can Be Attacked

Forums Security News (Security) Opinion | Every Part of the Supply Chain Can Be Attacked

  • This topic has 1 voice and 0 replies.
Viewing 0 reply threads
  • Author
    Posts
    • #36821
      Telegram SmartBoT
      Moderator
      • Topic 5959
      • Replies 0
      • posts 5959
        @tgsmartbot

        #News(Security) [ via IoTGroup ]


        Headings…
        Every Part of the Supply Chain Can Be Attacked
        Site Index
        news
        opinion
        arts
        living
        more
        Subscribe
        Site Information Navigation

        Auto extracted Text……

        The United States government’s continuing disagreement with the Chinese company Huawei underscores a much larger problem with computer technologies in general: We have no choice but to trust them completely, and it’s impossible to verify that they’re trustworthy.
        Solving this problem — which is increasingly a national security issue — will require us to both make major policy changes and invent new technologies.
        The Huawei problem is simple to explain.
        The company is based in China and subject to the rules and dictates of the Chinese government.
        The government could require Huawei to install back doors into the 5G routers it sells abroad, allowing the government to eavesdrop on communications or — even worse — take control of the routers during wartime.
        Since the United States will rely on those routers for all of its communications, we become vulnerable by building our 5G backbone on Huawei equipment.
        It’s obvious that we can’t trust computer equipment from a country we don’t trust, but the problem is much more pervasive than that.
        The computers and smartphones you use are not built in the United States.
        Their chips aren’t made in the United States.
        The engineers who design and program them come from over a hundred countries.
        Thousands of people have the opportunity, acting alone, to slip a back door into the final product.
        There’s more.
        Open-source software packages are increasingly targeted by groups installing back doors.
        Fake apps in the Google Play store illustrate vulnerabilities in our software distribution systems.
        The NotPetya worm was distributed by a fraudulent update to a popular Ukranian accounting package, illustrating vulnerabilities in our update systems.
        Hardware chips can be back-doored at the point of fabrication, even if the design is secure.
        The National Security Agency exploited the shipping process to subvert Cisco routers intended for the Syrian telephone company


        Read More..
        AutoTextExtraction by Working BoT using SmartNews 1.0299999999 Build 26 Aug 2019

    Viewing 0 reply threads
    • You must be logged in to reply to this topic.