Axar.az
UP
28 March 2020


Restricted Chinese IT products enter US military

Home page Economy
12 Punto 14 Punto 16 Punto 18 Punto

A Department of Defense (DoD) Inspector General (IG) report released on July 30 found that more than 9,000 commercially available IT products (COTS) purchased in FY 2018 — costing at least $32.8 million — could be used to spy, surveille, or sabotage US military personnel and facilities. In contrast to traditional DoD processes for large acquisitions such as weapon systems, aircraft, and command and control systems, these purchases were made via Government Purchase Cards which are intended to simplify procurement of less than $10,000.

Axar.az reports citing However, just because the dollars amount are small doesn’t mean that risk is reduced, as the products in question were long identified as security threats. Moreover, many of the most devastating cybersecurity attacks such as those against Target, Equifax, and the Office of Personnel Management were instigated at low levels of approval and control, frequently via contractors or COTS devices.

The IG highlighted four critical issues:

No entity within DoD has responsibility for developing a strategy to mitigate cybersecurity risks through COTS purchases.

The DoD lacks sound acquisition policies which would consider cybersecurity risk before purchase.

The Pentagon’s Approved Products List (APL) includes products with cyber and supply chain risks.

The DoD did not establish “controls to prevent the purchase of high-risk COTS information technology items with known cybersecurity risks.”

Date
2019.08.12 / 14:51
Author
Axar.az
Comments
See also

Oil prices fluctuate - Latest information

The fate of oil: Saudi Arabia and Russia discussed

Oil prices fell dramatically

Oil prices are falling again - Updated

Oil prices decreased slightly

The US became the supplier of compressed gas

The dollar rapidly depreciated

Oil prices increased slightly

Oil prices increased

The dollar rose again - in Russia

Latest
 
Xocalı soyqırımı — 1992-ci il Bağla
Bize yazin Bağla
ArxivBağla