GAO Report Exposes IT Risks to Supply Chain
Staff contributor: Tami Jones
Just in case you weren’t paranoid enough about the state of the world - what with a crippled global economy, the United States’ continuing involvement in foreign wars, and newspaper headlines about terrorism - a report came out on Friday from the U. S. Government Accountability Office (GAO) urging government agencies to address possible risks in the IT Supply Chain.
The Department of Homeland Security, the Department of Energy, and the Justice Department have yet to define supply chain protocol.
The report warns that potential breaches in the supply chain could be putting national security at risk. “The exploitation of information technology (IT) products and services through the supply chain is an emerging threat,” wrote the authors in the 45-page document.
SEE RELATED STORIES FROM THE WDM CONTENT NETWORK:
· The Coming Supply Chain Renaissance
· Did Steve Jobs’ Death Shine a Light on the Supply Chain?
Click here to read the latest edition of Supply Chain Digital
“In January 2012, the Director of National Intelligence identified the vulnerabilities associated with the IT supply chain for the nation’s networks as one of the greatest strategic cyber threat challenges the country faces. IT supply chain-related threats can be introduced in the manufacturing, assembly, and distribution of hardware, software, and services.”
Given that components of almost all equipment are developed overseas, it can be difficult to address the upstream risks of a possible security breach in the supply chain. Some of these components have the potential of including malicious code in either software or hardware that can copy itself and infect a computer without permission or knowledge of the user.
“These codes can take control of entire systems and thereby read, modify or delete sensitive information; disrupt operations; launch attacks against other organizations’ systems; or destroy systems,” the GAO report stressed, falling just short of fire and brimstone.
In January, the White House sent out a National Strategy for Global Supply Chain Security outlining future measures to be taken to prevent a national security breach. Until these measures are adopted, it will be up to the citizenry to remain afraid. Wait...vigilant? No, afraid.
