It seems the US government is going to great lengths with their cybersecurity. They are threatening to cut off digital collaboration if Germany allows Huawei to manufacture its 5G technology. This kind of action may seem extreme, but when you’re faced with threat by design, what lengths would you go to to ensure the safety of your business’s data?
Don’t press the backdoor button
Cybersecurity is typically a matter of keeping tabs on the software and some of the peripheral hardware associated with your company’s IT landscape. However, with the news breaking about security threats coming from actors we’ve previously trusted, it appears that our security protocol would be best suited to include scanning for assets that have been manufactured under these dubious circumstances. In other words, replace any hardware that has motherboards from SuperMicro or China.
This is the first time we know of that hardware companies have been intentionally creating hacker havens within our devices—and hiding them in plain sight, to boot! This kind of event should rattle the cages of even the most trusted data security programs.
It’s not me, it’s you…
With this malfeasance on the manufacturer level forcing us to think of the supply chain in these new terms, it makes sense to draw lines. After all, what good is your internal data security if your telecommuting employees or partnering vendors are using computers with known back doors?
Are you going to stop using certain products, or not work with certain clients because of the manufacturer’s choices? These questions usher in a new era of mistrust, and it shows just how important the data we work with is to the powers that be.
Now, before you think I’m being overly dramatic, remember that, in China, there is no such thing as a non-government influenced company. This changes the conversation when we know the Chinese engage in corporate espionage; there are no Chinese manufacturers above suspicion, then. This is tough news considering the role Shenzhen plays in the future of our technology.
Watch from every angle
If a threat is known, it makes sense that there should be significant rules and protocols in place to prevent hackers from gaining access. Taking the time, then, to vet out the manufacturer loyalties would be a prudent course of action.
Take into account your hardware—from the mother board out—as a potential threat before you relax. Research where the guts of your devices came from, to the best of your ability, and don’t hesitate to disposition devices that have been flagged due to their country of origin. Just be sure to disposition them responsibly!
Author note: I realize there is some discrepancy about Bloomberg’s article. However, in my mind, when a chip the size of a pinhead surreptitiously placed on a cluttered circuit board can allow a third party to add hack-ware into a system, there doesn’t seem to be much room left for prevarication.