A report by a Department of Justice (DoJ) task force charged with examining how the department fights global cyber threats and how it can better conduct this mission warns of the vulnerability of technology supply chains due to foreign sourcing of software code in technology products.
“Technology supply chains are especially vulnerable, because the hardware components and software code that go into technology products often come from foreign sources, including developers in Russia and China,” says the 156-page report by the DoJ Cyber-Digital Task Force, which stood up in February at the direction of Attorney General Jeff Sessions.
Concerns about vulnerabilities to the cyber supply chain and foreign investment in the U.S. to extract U.S. technologies aren’t new. The report cites a presidential memorandum in March warning of Chinese efforts to acquire technology and intellectual property in the U.S. in an effort to perpetrate technology transfer in support of “government industrial plans.”
“Under ambitious industrial policies, China aims to use foreign investment as a means of dominating cutting-edge technologies like advanced microchips, artificial intelligence, and electric cars, among others,” the task force says.
Earlier this month, the Trump administration proposed legislation for federal agencies to strengthen the cyber security of their supply chains and two House Republicans offered a bill to give the Department of Homeland Security authorities to protect its supply chain from security threats. The House bill will be considered this Tuesday by the House Homeland Security Committee.
The report says the DoJ works with other government agencies and the private sector to mitigate cyber risks to the supply chain. It also says the department combats technology transfer issues by enforcing export controls and through the Committee on Foreign Investment in the U.S.