Purposefully Manufactured Vulnerabilities in the U.S. Government Technology Microchips: Risk and Homeland Security Implications (Computer Hacking and Security Book 1)

Government at all levels, industry, military and critical infrastructure, may be at risk due to purposeful manipulation of micro-processing chips during the manufacturing process. Many microchips intentionally provide remote access to allow for monitoring and updating firmware. However, a remote access capability also introduces a vulnerability, which allows others to potentially take control of a system and shut it down remotely, spy, or remove data. If this is in fact occurring, the implications to the national and homeland security could be significant. It does not appear that there are currently policies and processes to identify purposefully manufactured vulnerable micro processing chips. Should it be determined that vulnerabilities do in fact exist, a federal government-led effort is needed to identify the entities producing these chips; to assess possible intentions of these actors; inventory hardware that is in use, which may have been compromised; and, finally, to pursue the development of a remediation strategy. Additionally, the current supply chain process will have to be re-examined to mitigate current and future concerns. Therefore, in 2012, the Government Accounting Office recommended that the Department of Homeland Security (DHS) create and implement a cyber security supply chain vulnerability policy. This policy will assist the federal, state, and local governments, as well as private sector entities, to develop guidelines for procurement and policy decisions.