Chinese components in American military uses: should we trust them?

Electronics are complicated. Software, even more so. So when you’re buying electronic components from your biggest trade competitor, one with overt military agendas, should you worry about what might be “tagging along” with that hardware or software? How about when sensitive data is moved to the cloud as a cost-cutting measure?

“Our clouds are running off of hardware that’s built in China,” said Tom McAndrew, an executive at IT compliance firm Coalfire who also is a Navy Reserve surface warfare officer specializing in weapons systems. He was not speaking on behalf of the Pentagon. “The challenge is — can you create a secure cloud running on top of nonstandardized, noncertified hardware?”

Lawmakers have warned of a nightmare situation where bad actors intentionally install a “backdoor” mechanism — essentially malicious programming — into military circuitry to, for example, shut down systems remotely or leak information.

Read the whole story at