A year ago, the Inspector General of the Ministry of Defense (DoDIG) issued a report to censure the military for the acquisition of Chinese PC devices vulnerable to the $33 million song. The report highlighted the lack of DoD control obligations for cybersecurity and the inability to talk about Lexmark and Lenovo blacklisted products. He noted how these products from Chinese state entities can jeopardize U.S. and U.S. assets when incorporated into data networks. So, what happened in 365 days? Nothing public What’s going on? A cultural change.
The Department of Defense’s audit of cybersecurity hazards to the government acquires purchased cards from over-the-counter advertising items that describe $32.8 million in acquisitions of vulnerable and unsafe PC appliances through the U.S. military and air force. In 2018. The report was described on the ZDNet website. The scariest hacks and vulnerabilities of 2019 as a “window to the biggest national security challenge in the United States right now, i.e. attacks on the source chain.” In fact, the presence of Chinese-made devices in U.S. Army networks. It is even more fearsome in the midst of the pandemic, as China can attack, monitor or sabotage network infrastructure through devices manufactured through its public entities such as Huawei. In May this year, the Department of Defense warned workers who were opposed to cyber dangers similar to fleeing home, adding the dangers of accessing sensitive programs and knowledge on remote networks with vulnerable devices. The GI has introduced an upcoming audit to determine whether the DoD maintains network protections against the pandemic. Many of the defense department’s more than one million workers can use vulnerable laptops while running at home on unsecured Wi-Fi networks.
The 2019 report reflects the DEPARTMENT of Defense’s IG audit of cybersecurity processes and policy, as required by Congress. The report highlighted the army’s acquisition of 8,000 Lexmark printers, 195 Lenovo laptops and 1,378 Lenovo laptops through the Air Force. The products of these corporations are limited to the use of the military due to their corporate ownership through the Chinese government. The Chinese Commission of the United States (USCC), a bi-component congress organization, described Lenovo in 2009 as one of China’s national champions of Huawei’s order and a component of China’s techno-nationalist strategy to announce the country while earning foreign exchange to finance the country’s military. projects A similar USCC report highlighted corporations for the risk of the source chain.
In 2006, the State Department banned Lenovo products due to spying issues, and the Department of Homeland Security banned them because of spyware pre-installed on the devices. In 2016, the Joint Directorate of Chief Intelligence Personnel warned that Lenovo handheld devices can introduce compromised hardware into the DoD’s source chain. More recently, the Air Force obtained approval to send the $378 million tab to taxpayers for the removal and replacement of the server running the U.S. Global Positioning System (GPS). Fearing that it will be under contract with Lenovo and potentially available to the Chinese government.
The GI has observed how Department of Defense agencies have continually ignored past cybersecurity alerts. For example, Lexmark and Lenovo limited products were still included in the intranet’s internal product catalogs. The IG states that control of the Department of Defense has not been able to assign the duty of cybersecurity measures or compile a list of approved products, discouraging the acquisition of vulnerable items.
In response to an email about the prestige of implementing IG recommendations in the report, Dwrena K. Allen, spokesman for the Office of the Inspector of the Department of Defense, noted: “The Undersecretary of Defense for Procurement and Maintenance and the Department of Defense’s Information Director continue to paint the rules to comply with our recommendations that hazards related to purchasing generation parts of advertising data on the shelf is well identified, evaluated and dimmed. We will continue to coordinate with the Department of Defense so that the rules are reviewed so that we can close the recommendations.
Wisconsin Congressman Mike Gallagher and I discussed the DoDIG report and issued a press release titled “The Pentagon’s Risky Business.” Rep. Gallagher, co-chair of the Bipartisan Solarium CyberSpace Commission, said: “This report is just the latest warning that our government is not taking cybersecurity as seriously as it should be. Equipment sold through Chinese-generation state-run corporations poses a serious risk to our security, and is that we act to mitigate vulnerabilities in our chain of defense sources and to prohibit the acquisition of such high-risk technologies.”
I applaud the efforts of the Office of the Inspector General, which has sought to provide oversight, transparency and accountability to the Department of Defense for several trillion dollars. The DoDIG Compendium 2020 notes 1,602 open recommendations from the recent period, which, if put into force, promise to improve performance, productivity and savings. The Office completed the Department of Defense’s first monetary audit in 2018. Although the GI found that it has no effect on monetary fraud, data generation processes were lacking. The challenge of forcing cyber security in the Department of Defense is not a challenge of cash or generation, but a cultural challenge. This is the evaluation of the Congressional Office of General Responsibility (GAO), which points out in Cybersecurity: the Department of Defense must take decisive steps to improve cyber hygiene, despite time and budget, the Department of Defense has failed to implement its own cybersecurity. projects due to lack of field and awareness.
As a U.S. in Denmark, I use international, multidisciplinary, and evidence-based approaches to analyze generation policy. Please consult Strand; Co-founder, ChinaTechThreat;
As a U.S. in Denmark, I use international, multidisciplinary, and evidence-based approaches to analyze generation policy. Please consult Strand; Co-founder, ChinaTechThreat; PhD, economic and visiting researcher, electronic systems, University of Aalborg.