22 January 2020

Restricted Chinese IT products enter US military

Home page Economy
12 Punto 14 Punto 16 Punto 18 Punto

A Department of Defense (DoD) Inspector General (IG) report released on July 30 found that more than 9,000 commercially available IT products (COTS) purchased in FY 2018 — costing at least $32.8 million — could be used to spy, surveille, or sabotage US military personnel and facilities. In contrast to traditional DoD processes for large acquisitions such as weapon systems, aircraft, and command and control systems, these purchases were made via Government Purchase Cards which are intended to simplify procurement of less than $10,000. reports citing However, just because the dollars amount are small doesn’t mean that risk is reduced, as the products in question were long identified as security threats. Moreover, many of the most devastating cybersecurity attacks such as those against Target, Equifax, and the Office of Personnel Management were instigated at low levels of approval and control, frequently via contractors or COTS devices.

The IG highlighted four critical issues:

No entity within DoD has responsibility for developing a strategy to mitigate cybersecurity risks through COTS purchases.

The DoD lacks sound acquisition policies which would consider cybersecurity risk before purchase.

The Pentagon’s Approved Products List (APL) includes products with cyber and supply chain risks.

The DoD did not establish “controls to prevent the purchase of high-risk COTS information technology items with known cybersecurity risks.”

2019.08.12 / 14:51
See also

Oil prices have fallen again

Azerbaijani currency rates

Belarus cancels suspension of petroleum products export

Azerbaijani currency rates

IMF cuts global growth projection

Oil rises as Libyan oilfields shut down

Davos 2020 will focus on environmental risks

IMF warns return of the Great Depression

Oil prices increased

Kapital Bank announced the financial results of 2019

Xocalı soyqırımı — 1992-ci il Bağla
Bize yazin Bağla