As the worldwide web of supply chains expands across today’s globally interdependent economy, the far-flung assembly of motherboards, which are the spine for all our devices, have become the latest domain vulnerable to wily spies and criminals seeking a backdoor into the proprietary information of others. And the more digital connectivity deepens, the greater the risk of hacking into everything from election campaigns to the emergent “Internet of Bodies,” where smart devices monitor health and help determine diagnoses.
The WorldPost this week examines these new frontiers of cybersecurity.
Though Amazon and Apple vehemently deny it, Bloomberg Businessweek recently reported that Chinese spies had implanted microchips into some of the U.S. tech giants’ server components that were manufactured in China. Whether this particular instance is true or not, Robert Hannigan, the former head of the British intelligence and cyber agency, the Government Communications Headquarters, warns that infiltration of supply chains is among the most challenging strategic security threats ahead.
“Companies who regard their own defenses as strong are now finding their once-trusted vendors, suppliers and customers becoming their greatest vulnerability,” he writes. For Hannigan, the strategic threat “lies in the fact that the developers of software and manufacturers of hardware are based in countries such as Russia and China. … The fundamental problem is that in non-democratic countries, the tech sector is expected to behave as an extension of state power and the potential for its misuse is clear.”
“Earlier this year,” he says by way of example, “the American and British governments warned of Russian attacks against thousands of routers and network hardware worldwide. Such a malicious presence on the backbone of the Internet, whether through cyber attacks or, potentially, through building a hidden access into IT hardware during manufacturing, gives the attacker wide options to monitor, copy or change data, or to destroy it and disrupt the network.”
Banning manufactured or assembled components from certain countries, Hannigan concludes, is a disruptive and unrealistic option. The solution, he argues, “will mean companies working hard to scrutinize their supply chains and impose their own restrictions on vendors. Governments will scramble to keep up. But the long-term goal must be to restore confidence in the global IT supply chain and to set and enforce standards that constrain those who abuse its trust.”
RAND Corporation analyst Lillian Ablon calls for “the government to create a new authority that focuses on supply chain security and has the power to conduct meaningful audits.” Suggesting a parallel to efforts aimed at controlling fake news in social media, she adds: “Companies also need to do their part by establishing internal teams to oversee and guide risk assessments and audits of suppliers, lengthen timelines for production to make it easier to monitor the supply chain, and purchase goods from suppliers that comply with basic cybersecurity standards and are verified by an independent third-party organization.”
As midterm elections approach in the United States, former NATO chief Anders Fogh Rasmussen and Michael Chertoff, the former U.S. homeland security secretary, outline the efforts of their new initiative, the Transatlantic Commission on Election Integrity, to track real-time social disinformation and “deep fake videos” during campaigns in order to alert authorities and warn voters.
“We see this course of action as the most impactful, more so than focusing on the gargantuan task of policing global social platforms,” they write. “As malign actors develop new, cutting-edge tactics like creating political deep fake videos, the disinformation illiteracy of our citizens will only have more dire consequences on our democratic institutions. Citizens must learn how to identify disinformation when it appears alongside posts from more trusted sources.”
Mary Lee is concerned about much more intimate hacks — into the smart devices implanted in our bodies, from contact lenses that monitor glucose levels for diabetics to electronic pills that keep a check on our body’s inner workings.
“These high-tech health care solutions are part of an emerging sector of medical technologies that monitor personal health data by essentially connecting your body to the Internet,” she reports. “These devices are members of the ‘Internet of Bodies,’ a nod to the Internet of Things — a term coined in 1999 to describe the thriving network of everyday smart gadgets, appliances and cars that are connected through the Web. If retroactive privacy laws for the Internet have taught us anything, we should consider establishing rules to govern the legal, privacy and ethical issues that are already arising from smart medical and biometric devices.”
She concludes: “The Internet of Bodies is certain to change what it means to have autonomy over ourselves and our bodies. So before these devices become ubiquitous, society should consider putting regulations in place, before it’s too late.”
Even as the remarkable breakthroughs of medical connectivity Lee describes advance, Mariana Mazzucato sees innovation coming to a halt in the pharmaceutical industry. Instead, she sees overly-wide patents capturing markets, taxpayers being cheated out of the dividends from publicly-funded research and industry profits going to shareholders and executives instead of into the mission of health care.
“Large pharma companies spend more on share buybacks to boost share prices (and stock options — the main way that executives get paid) than on research and development. Pfizer, for example, spent $139 billion on share buybacks and dividends in the past decade — and just $82 billion on research and development in the same period. (The chief executive’s pay was also a reported $27.9 million in 2017.)”
Her solution: “Apply the same mission-oriented approach used in national defense to health care. The military has historically used public funds to solve problems by interacting dynamically with the private sector, albeit with government direction, with the goal of benefiting the taxpayer.” She continues, “If governments acted with the same urgency and strategic deliberation toward improving health as they do when it comes to national defense, we might be able to transform health care and deliver the next generation of medical breakthroughs to reach the people who need them the most.”