Professional Documents
Culture Documents
Scott Borg
Director and Chief Economist U.S. Cyber Consequences Unit
Copyright 2008 Scott Borg/U.S. Cyber Consequences Unit. All rights reserved.
Problem: concern about malicious firmware getting into government, military, and critical infrastructure systems
Threat of broad regulations and mandates Threat of onerous provisions in government contracts Threat of terrible damage in certain circumstances from hard-wired logic bombs if nothing is done
But lets be realistic: limited motives and limited targets for malicious firmware
Nation states installing sleeper, one-use attack tools - Very long term (long preparation time, long lasting) - Hard-to access systems (e.g., highly protected infrastructure, military or intelligence) - Dormant (no regular interaction or operation) - Willing to cause loss of trust in supply chain Criminals seeking to corrupt systems with no software to corrupt (e.g., card readers, automated safety systems)
Preliminary estimates suggest that if the government suddenly demanded stringent supply chain security, many companies would simply stop supplying the government Their Opportunity Costs for supplying the government would become greater than the governments Willingness-to-Pay
Strategy: solve this customer problem in a way that produces other benefits
Companies face supply chain threats and losses other than hardwired logic bombs: Interruptions of supply increasing costs Quality control problems damaging the brand Loss of sales to counterfeit products Loss of intellectual property undermining future ability to compete Making the supply chain more secure can help with these other threats too The relevant security measures are complementary and need to be applied together to be effective
Four kinds of business attacks possible at each stage of the supply chain
I. Interrupt the operation II. Corrupt the operation (including inserting malware) III. Discredit the operation (undermining trust, damaging brand value) IV. Undermine the information basis for the operation (loss of control, loss of competitively important information)
Different supply chain stages to which the remedies need to be applied (in each branch of production flow tree)
Design Overall product design Detailed product design Creation of production masters Production Production facility design Quality control of production process Quality test verification Distribution Transport of finished product Distribution of finished product Maintenance After-sale maintenance of product
Copyright 2008 Scott Borg/U.S. Cyber Consequences Unit 8
REMEDIES
STAGES
Legal relationships necessary between global component suppliers, assemblers, and the overseeing company
1) Rigorous, unambiguous contracts, delineating the security measures 2) Locally responsible corporations with a long term interest in complying 3) Local ways of overcoming agency problems, motivating executives and workers 4) Adequate provision for verifying that security measures are being properly implemented 5) Local enforcement of agreements at all levels
10
Thank you!
For more information or permission to use this material in its current form, please contact: Scott Borg U.S. Cyber Consequences Unit P.O. Box 1390 Norwich, VT 05055 scott.borg@usccu.us 802 649 - 3849
11