U.S. Supply Chain Cybersecurity: Potential Lawmaker Progress
A new bi-partisan bill would fortify the U.S. technology supply chain’s cybersecurity defenses against hacks from adversaries such as China and Russia, the legislation’s sponsors said.
Sens. Mike Crapo (R-ID) and Mark Warner (D-VA.) introduced the Manufacturing, Investment, and Controls Review for Computer Hardware, Intellectual Property and Supply (MICROCHIPS) Act that would establish a National Supply Chain Security Center within the Office of the Director of National Intelligence.
Chief among the new agency’s duties would be to gather information on supply chain threats and parcel it out to federal agencies. The bill’s main components include:
- Summarizes key findings of Congress regarding supply chain security.
- Directs the Director of National Intelligence, DOD and other relevant agencies to develop a plan to increase supply chain intelligence within 180 days.
- Establishes a National Supply Chain Security Center within the Office of the Director of National Intelligence to collect supply chain threat information and disseminate it to agencies with the authority to intervene.
- Makes funds available under the Defense Production Act for federal supply chain security enhancements.
The proposed legislation is aimed squarely at Chinese supply chain hacks spanning critical infrastructure facilities such as the U.S. power grid, computer and defense systems and attempts to burrowing into networks to steal sensitive data. In particular, the federal government is worried about Chinese exported telecommunications equipment, especially fifth generation technology, compromising U.S. systems and sensitive data along the supply chain, primacy through built-in technology back doors.
“While there is a broad recognition of the threats to our supply chain posed by China, we still lack a coordinated, whole-of-government strategy to defend ourselves,” said Senator Warner. “As a result, U.S. companies lose billions of dollars to intellectual property theft every year, and counterfeit and compromised electronics in U.S. military, government and critical civilian platforms give China potential back doors to compromise these systems. We need a national strategy to unify efforts across the government to protect our supply chain and our national security.”
The bill’s sponsors pointed to a 2018 Government Accountability Office report warned that for the last two decades cybersecurity has not been a focus of weapon systems acquisitions within the military community. “The Department of Defense’s (DOD) continuous acquisition of weapons systems without making security a key priority could potentially lead to loss of U.S. intellectual property and technological advantage of the U.S. Armed Forces, contribute to unnecessary risks to human life and interfere with the ability of the Armed Forces to execute their missions,” the Senators said.
The Chinese telecom giant Huawei is one of the world’s largest IT companies and hopes to cash in on 5G network build-outs worldwide. But security, privacy and spying concerns continue to dog the company. Critics allege Huawei could spy for China’s government, a charge that CEO Ren Zhengfei firmly denies. Still, it won’t surprise anyone if Huawei is blocked from bidding on a range of 5G network contracts worldwide.