US China-watcher warns against Middle Kingdom tech dominance
5G, IoT, and tech supply chains should go under spotlight
Another US government panel has warned of the dangers of over-reliance on Chinese tech vendors: the US-China Economic and Security Review Commission.
The commission released its 2018 annual report today, and in it warned that China's plans to dominate two key tech sectors – the Internet of Things, and 5G – represented a threat to US critical infrastructure.
The report noted “significant state funding for domestic firms and 5G deployment, limited market for foreign competitors, China-specific technical standards, increased participation in global standards bodies, localisation targets, and alleged cyber espionage and intellectual property theft” as problematic, both in security and competitive terms.
The well-known insecurity of IoT devices, plus their frequent dependence on vendor servers, also got a serve.
China wins one, loses one in US trade spatsREAD MORE
The data collected by Things can “reveal information the user did not intend to share”, the report noted, and “US data could be exposed through unsecure [sic] IoT devices, or when Chinese IoT products and services transfer US customer data back to China, where the government retains expansive powers to access personal and corporate data.”
The commission also warned about China's central role in the global tech supply chain, something highlighted by the huge-if-true (but widely discredited) Super Micro "motherboard tampering" story.
“While not all products designed, manufactured, or assembled in China are inherently risky, the US government lacks essential tools to conduct rigorous supply chain risk assessments,” the report stated, adding that procurement laws and regulations are “often contradictory, and are inconsistently applied.”
The report's recommendations included getting the Office of Management and Budget to oversee how government agencies manage supply chain risks; possible US Trade Representative action in the World Trade Organisation; and the National Telecommunications and Information Administration and the FCC should be directed to take steps to ensure the security of America's 5G rollout, and look at whether some kind of new security bureaucracy is needed “to ensure the security of domestic 5G networks.”
That's just the start: the report also made recommendations about US-China economic relations, China's agricultural policies, Chinese militarisation (particularly in the South China Sea), the Middle Kingdom's “Belt and Roads” foreign aid program, and China's relations with US allies, Taiwan, Hong Kong, and North Korea. ®
Sponsored: Becoming a Pragmatic Security Leader