The Supply-Chain Risk Might Be (Mostly) a Myth

Brian Fung

May 24, 2013 at 9:00 AM

Last fall, the House Intelligence Committee issued a scathing report on two companies looking to invest in the United States. Huawei and ZTE, both Chinese telecommunications firms, wanted entry. But committee chairman Rep. Mike Rogers (R-Mich.) was suspicious. He, along with the rest of his colleagues on the panel, worried that the companies’ networking equipment could be installed in U.S. facilities to enable foreign spying.

That type of exploit, known as a supply-chain attack, is the subject of a new Government Accountability Office report out this week. And what it finds is that while the risk is there, it may not be quite as large as we’ve been led to believe:

Officials from the companies and industry groups that we spoke with said that they consider the level of risk to be affected not by where equipment and components are made, but how they are made, particularly the security procedures implemented by manufacturers. Many of these officials also said they were not aware of any intentional attacks originating in the supply chain, and some said that they consider the risk of this type of attack to be low. Officials from four industry groups and one research institution we spoke with told us that supply chain attacks are harder to carry out and require more resources than other modes of attacks such as malicious software uploaded to equipment through the Internet, and, therefore, are the less likely vehicle to be used by potential attackers.

It’s rare to see equipment that contains built-in backdoors, said network operators. Instead, most vulnerabilities are generally the result of unintentional software bugs—accidents.

Among those GAO interviewed were representatives from major telcos like AT&T and Verizon, as well as trade groups such as CTIA—The Wireless Association. Also included were U.S. and international equipment-makers Cisco, Intel and, yes, Huawei and ZTE. It’s still possible these officials have underestimated or downplayed the threat. But even as GAO was gathering information from the companies, it was also analyzing proposals to further insulate U.S. networks from external intrusions.

One idea on the table is to grant broader authority to the federal committee charged with approving international mergers. The Committee on Foreign Investment in the United States, or CFIUS, made headlines last year when it suggested President Obama should block a Chinese-owned company’s attempt to buy up a handful of Oregon wind farms.

Under the proposed expansion, CFIUS would have the ability to examine businesses’ procurement deals in addition to investment decisions. The House Intelligence Committee said in its October report on Huawei that any bills to that effect should be given a chance in Congress.

Engadget
Pornhub to leave five more states over age-verification laws
Pornhub will block access to its site in five more states in the coming weeks.
Yahoo Personal Finance
How much money should you keep in your checking account?
Every bank customer likely wonders: “How much money should I keep in my checking account?” And the answer might surprise you. Here’s how much you should really keep in a checking account.
Yahoo Sports
Ravens reveal their one-game-only 'Purple Rising' helmet, which should be worn full time
These helmets are too cool to keep locked up for 51 weeks a year.
Yahoo Sports
NFL teams in the worst shape for 2024 | The Exempt List
On today's episode, Charles McDonald is joined by Frank Schwab to predict how the worst six teams in the NFL will fare in 2024.
Autoblog
Dealer says he sold LeBron James a Bugatti. LeBron replies: 'LIARS!'
A California high-end car dealership “congratulated” NBA legend LeBron James for all to see on Instagram about his "purchase." LeBron James begs to differ.
Autoblog
2025 BMW X3 debuts bold new design, even bolder interior for next generation
BMW’s bread-and-butter model, the next-gen 2025 BMW X3, is officially out.
Yahoo Sports
Urban Meyer just served Ryan Day and Ohio State a big helping of rat poison
National title or bust is a brutal standard, but that will be the expectation this season at Ohio State.
Yahoo Sports
Sparks star rookie Cameron Brink carried off court with knee injury vs. Sun
Brink grabbed her knee in pain after falling to the court and needed the help of trainers to carry her from the court.
Yahoo Life
Dwayne 'the Rock' Johnson is showing off his gnarly bruise from a ruptured bursa sac. What is that?
It probably looks worse than it is: Experts say Johnson's elbow injury should heal on its own.
Yahoo Sports
Ranking all MLB City Connect jerseys, from the Dodgers at No. 28 to the Marlins at No. 1
With every participating team having released their set, let's rank and grade them all.
Yahoo Sports
Men's College World Series 2024 Day 2: Kentucky delivers another walk-off, Texas A&M wins after midnight
Day 2 of the 2024 College World Series ended at 1:13 a.m. local time.
Autoblog
The 10 cheapest vehicles to own and operate over 5 years
MarketWatch's latest study calculated the depreciation and running costs of new vehicles, finding that some more than doubled the expenses of others.
Yahoo Sports
Men's College World Series: Tennessee trounces North Carolina, Florida State eliminates Virginia
Tennessee is a win away from advancing to the MCWS finals.
Yahoo Sports
Best RBs for 2024 fantasy football, according to our experts
The Yahoo Fantasy football analysts reveal their first running back rankings for the 2024 NFL season.
Yahoo Sports
Dodgers stars Jayson Heyward, Teoscar Hernández power wild ninth-inning rally to stun Rockies
The Dodgers put up seven runs in the ninth inning Tuesday to sneak out with an 11-9 win over the Rockies.
Yahoo Sports
Lashinda Demus will get her Olympic gold medal ... 12 years later
Demus will receive her gold medal at a ceremony at the foot of the Eiffel Tower during the 2024 Summer Olympics.
Yahoo Sports
Belmont Stakes: Jayson Werth says his horse's win feels as good as World Series title
Werth bought a 10% stake in Dornoch in 2022.
Yahoo Finance
AI enthusiasm prompts 3 Wall Street banks to raise stock market forecasts
AI-driven earnings growth has strategists feeling even more bullish about stock returns this year.
Yahoo Life
'Sopranos' star Drea de Matteo says doing OnlyFans made her realize she's 'a 52-year-old woman with a smokin' hot body'
The Emmy-winning actress used to be her "worst critic." Now she has "such a sense of pride walking onto set in stilettos and a bikini."
Yahoo Sports
Something’s up with the Braves, Paul Skenes’ standing ovation, the Dodgers make a trade
Jake Mintz and Jordan Shusterman examine what’s wrong with the 2024 Atlanta Braves, Paul Skenes receiving a standing ovation on the road, the Dodgers making a trade and MLB dropping the ball in regards to Rintaro Sasaki.

News

Life

Entertainment

Finance

Sports

New on Yahoo

The Supply-Chain Risk Might Be (Mostly) a Myth

Recommended Stories

Pornhub to leave five more states over age-verification laws

How much money should you keep in your checking account?

Ravens reveal their one-game-only 'Purple Rising' helmet, which should be worn full time

NFL teams in the worst shape for 2024 | The Exempt List

Dealer says he sold LeBron James a Bugatti. LeBron replies: 'LIARS!'

2025 BMW X3 debuts bold new design, even bolder interior for next generation

Urban Meyer just served Ryan Day and Ohio State a big helping of rat poison

Sparks star rookie Cameron Brink carried off court with knee injury vs. Sun

Dwayne 'the Rock' Johnson is showing off his gnarly bruise from a ruptured bursa sac. What is that?

Ranking all MLB City Connect jerseys, from the Dodgers at No. 28 to the Marlins at No. 1

Men's College World Series 2024 Day 2: Kentucky delivers another walk-off, Texas A&M wins after midnight

The 10 cheapest vehicles to own and operate over 5 years

Men's College World Series: Tennessee trounces North Carolina, Florida State eliminates Virginia

Best RBs for 2024 fantasy football, according to our experts

Dodgers stars Jayson Heyward, Teoscar Hernández power wild ninth-inning rally to stun Rockies

Lashinda Demus will get her Olympic gold medal ... 12 years later

Belmont Stakes: Jayson Werth says his horse's win feels as good as World Series title

AI enthusiasm prompts 3 Wall Street banks to raise stock market forecasts

'Sopranos' star Drea de Matteo says doing OnlyFans made her realize she's 'a 52-year-old woman with a smokin' hot body'

Something’s up with the Braves, Paul Skenes’ standing ovation, the Dodgers make a trade