Of cyberthreats and supply chains

Until recently the high level discussions between the United States and China focused on traditional issues of defense and economy. This year one of the topics addressed was cybersecurity.

While the concern on the Chinese side seems to be the policing of the network, the Americans worry increasingly about the protection of the network. In a nutshell, there is a concern that, as pointed out by a recent report of the conservative Heritage Foundation, “China could exploit its position as one of the world’s largest producers of computer chips, motherboards, and other physical parts of the Internet to affect infrastructure”. For James Mulvenon, the real problem is not about testing hardware at the point of entry (including third party certification) but rather controlling everything that takes place afterwards (e.g., remote maintenance and upgrades).

While some of the Washington hawks fret about network maintenance conducted from Shenzhen, I wonder what the Chinese do with the upgrades and patches from San Jose and Redmond.