Jul 31, 2018

Feds are on a supply-chain security tear

Illustration: Sarah Grillo/Axios

Federal officials are doubling down on sounding alarms about the risks of supply-chain security threats — attacks where hackers sabotage software or hardware before it's sent to the customer — with warnings to businesses up against the theft of intellectual property, federal contractors up against espionage and telecoms who will soon face large-scale buildout of 5G networks.

Why it matters: It's difficult to extract supply-chain-vulnerable products from the market. Many devices and networks include components from a variety of companies from all over the world, providing ample opportunity for bad actors to interfere. Banning certain products can combat such threats, but can also cause friction: Just look at the recent call to remove ZTE and Huawei products from the telecom networks.

Driving the news: Last week, the Office of the Director of National Intelligence issued a report Thursday that supply chain attacks used for economic espionage were on the rise. On Friday, the Department of Defense told reporters that it was compiling a list of software manufacturers with Chinese and Russian ties it thinks military branches and contractors should avoid.

  • This comes on the heels of scandals at ZTE, Huawei and Kaspersky, where the government alleges foreign-made products were used to spy on domestic agencies and companies.

Why now: The United States is about to go through a massive infrastructure expansion project as mobile carriers and equipment firms roll out 5G technology. Meanwhile, rural communities are still building their first broadband networks.

  • The U.S. has instructed telecom companies not to use products from the Chinese firms Huawei and ZTE — both of whom are suspected of sabotaging their own products to enable Beijing’s spying efforts.
  • But telecom execs say that for smaller communities, low-cost Chinese equipment is the only economically viable way to expand infrastructure. Chinese equipment is not just cheaper, it’s also often the only one-stop shopping solution for telecommunications hardware and tend to offer affordable financing packages.

The government could dig its way out of the hole, but likely won't. Jim Lewis, currently of the CSIS think tank and formerly a Department of Commerce official specializing in high tech issues involving China, estimates that the government could even the playing field and solve the telecom supply chain problem for a little over a billion dollars.

  • That would involve funding rural providers purchasing less vulnerable equipment and issuing grants to ZTE and Huawei competitors for research, helping them compete with China's massive state research budget.
  • But, said Lewis, Congress loathes spending money, even when it is the only solution.

Go deeper:

Go deeper

Mass shooting in Milwaukee: What we know so far

Milwaukee Mayor Tom Barrett in 2012. Photo: John Gress/Corbis via Getty Images

Six people died in a shooting at the Milwaukee Molson Coors brewery complex on Wednesday, including the shooter, Mayor Tom Barrett told reporters at an evening press conference with local police.

What's happening: Police said "there is no active threat" just before 6 pm ET, but noted the scene remains active. Police chief Alfonso Morales told reporters that officers have "more than 20 buildings we have to secure" at the complex and they do not currently have all employees accounted for, as more than 1,000 were at the complex during the shooting.

Go deeperArrowUpdated 5 mins ago - Politics & Policy

Live updates: CDC confirms possible community spread of coronavirus

Data: The Center for Systems Science and Engineering at Johns Hopkins, the CDC, and China's Health Ministry. Note: China numbers are for the mainland only and U.S. numbers include repatriated citizens.

U.S. clinicians have found the novel coronavirus in a person who did not recently return from a foreign country nor have contact with a confirmed case, the CDC said Tuesday.

The big picture: COVID-19 has killed more than 2,700 people and infected over 81,000 others. By Wednesday morning, South Korea had the most cases outside China, with 1,261 infections. Europe's biggest outbreak is in Italy, where 374 cases have been confirmed.

Go deeperArrowUpdated 21 mins ago - Health

Trump assigns Pence to lead U.S. coronavirus response


President Trump announced at a press briefing Wednesday evening that he'll be putting Vice President Mike Pence in charge of leading the administration's response to the coronavirus.

The big picture: In the wake of a market sell-off and warnings from health officials that there's a real threat of the coronavirus spreading in the U.S., Trump sought to reassure the nation and Wall Street that the U.S. is "ready" for whatever comes next.

Go deeperArrowUpdated 2 hours ago - Politics & Policy