全球智库信息集成服务系统

Executive Summary

In an increasingly digitized world, information and communication technologies (ICTs), and especially operational technologies (OTs), have assumed critical importance for governments, industry, and the general public worldwide. Yet trust in the integrity of these products and services is declining because of mounting concerns over inadvertent vulnerabilities in the supply chain and intentional backdoor interventions by state and corporate actors. Compounding the problem, these legitimate security concerns are sometimes exaggerated for political and commercial reasons—a counterproductive dynamic that fuels rivalries, fragments the marketplace, increases anxiety, stifles innovation, and drives up costs.

Inarguably, some governments have been intervening in the ICT/OT supply chain or at least laying the groundwork for such interventions. They believe the pursuit to be justifiable and legal, citing objectives related to intelligence, law enforcement, and military operations. Whether valid or not, the concern is that certain corporations are actively or passively weakening the security of the supply chain and final products either at the behest of governments or for questionable purposes. Another concern is that both state and corporate interventions could leverage or mask what are purely lax security standards or flaws in products and services. And this further reduces trust in ICT/OT.

The global tumult over the integrity of Huawei products and the U.S. administration’s campaign to persuade other countries to ban them exemplifies the scale of the emerging challenge. Other examples include the alleged 2015 Russian manipulation of Kaspersky Lab antivirus software being used by a U.S. National Security Agency contractor, and concerns that the agency was putting the security of U.S. products at risk. These instances illustrate the high stakes surrounding the protection of supply chains—stakes that affect geopolitics, espionage and security competition, mercantilism, and consumer protection. If concerted, cooperative efforts are not made to restore confidence in the integrity of supply chains, everyone—consumers, vendors, governments—will lose.

Many worthy, promising initiatives are underway to enhance supply chain integrity. Yet these typically approach the challenge from four stovepiped perspectives: technical, operational, commercial, and/or legal. Moreover, none of them deals head on with deliberate interventions in the supply chain. While eliminating these interventions is neither possible nor necessarily desirable, rules of the road would help restrict, channel, and condition state interventions and guide corresponding corporate behavior.

But to be effective, these rules, or obligations, should aim to enhance trust, accountability, transparency, and receptivity. They should also be anchored in existing national and international arrangements and be accompanied by measures to secure buy-in, reward compliance, and increase confidence in their implementation. More broadly, protecting the integrity of the supply chain should not be viewed solely as a cybersecurity matter. Securing the supply chain also requires attention to quality assurance, product and service safety, counterfeit prevention strategies, technology licensing and export control compliance, and customer trust.

Tables 1 and 2 present a concise summary of the key governmental and corporate obligations and recommendations for implementing them (a more elaborate list is provided at the conclusion of each section). They are the culmination of in-depth research and dialogue with senior government, corporate officials, and policy, legal, and technical experts from around the world. They aim to strike a delicate balance between the fulfillment of legitimate national security requirements and the protection of the digital economy and corporate equities.

Introduction

Reliable information and communication technology / operational technology (ICT/OT) products and services are now an indispensable part of modern life at the local, national, and international levels.¹ But much of their performance hinges on efficient and secure supply chains that have minimal inadvertent flaws or vulnerabilities and that guard against harmful interventions. Both natural vulnerabilities and intentional manipulations and other interventions by state and nonstate actors (driven by legitimate if perhaps myopic intentions, as well as nefarious ones) can lead to unwelcome and unintentional consequences. These consequences may include breaches in confidentiality of data, disruption of operations and corruption of data, and violation of the integrity of the algorithms for processing it. In some cases, physical damage to property and people can also result. The harmful effects can extend well beyond individual business enterprises, shareholders, employees, customers, and host nations. The exposure of potentially millions of systems to malicious attacks by the Meltdown and Spectre vulnerabilities discovered in ubiquitous Intel and AMD chips, which remain widely vulnerable to attack because the long available fixes have only been patched by a small percentage of their users, demonstrates how widespread the consequences of flaws in core ICT supplies can be.² The health of cyberspace, the openness of the international digital economy and trading system, and the stability of major power relations depend on confidence in the integrity of ICT/OT supplies.

Threats to the supply chain exist throughout the life cycle of products and services, from the gathering of source materials and development of components—including hardware, software, data, and algorithms—to the modifications and upgrades by and for customers (see figure 1).³ Most concerning is that decisions made in the development phase can affect vendors’ ability to manage vulnerabilities and the consequences of interventions. Manipulations early on in the supply chain could have a multiplier or domino effect. Other global industries have faced somewhat similar challenges, perhaps most notably the pharmaceutical industry’s defense against fake products (see Appendix 1). But the longer operational phase of the ICT/OT life cycle poses innumerable additional challenges to sustaining the integrity of the supply chain.

Commonly known interventions by governments or corporations include consciously undermining broad security measures, such as encryption standards,⁴ and categories of, or widely available products; inserting backdoors or other remote access capabilities into products; or otherwise building undisclosed features and functions into them. To date, these interventions have not fundamentally affected global reliance on ICT/OT. But revelations of systematic intervention or other serious forms of tampering in the supply chain (such as counterfeiting components and products) are already shaking governments’ and users’ perceptions of the integrity of ICT/OT products, services, and vendors. There is rising concern that manipulations could have destabilizing consequences for the global economy and geopolitical relationships (see box 1).

But deliberately stoking or exaggerating anxieties about supply chain integrity—for strategic, commercial, or political purposes—may produce similarly undesirable effects and be counterproductive. At a minimum, trust in ICT/OT and relationships could be further eroded.⁵ Consider how the Huawei case is unfolding. Regardless of the validity of U.S. suspicions that Huawei’s 5G equipment could serve the interests of the Chinese government, the highly publicized allegations and ensuing ban on procurement of Huawei products (and massive pressure on others to do the same) alongside severe tightening of component supply for their products are already having profound effects on both national and corporate decisions and relationships. Beyond the effects on costs and availability of products and services, these actions are exacerbating general trade tensions between the United States and China, clouding U.S. relationships with some of its allies that do not fully share its concerns, affecting corporate decisions like whom to buy from and sell to, and where to locate production. Relatedly, these actions are accelerating Huawei and other Chinese firms’ quests for self-sufficiency. Even more profound consequences for security relationships (such as U.S. intelligence sharing arrangements with some of its closest allies) and the global economy (innovation and productivity) seem in store.

Despite the risks, the reality is that certain states, some corporations, and others have and will continue to use supply chain interventions to advance their national security, law enforcement, commercial, or criminal interests. In their efforts to counter weapons proliferation, terrorism, subversion, and influence operations as well as other threats, governments may intervene to gather domestic and foreign intelligence, conduct covert operations, and facilitate potential military operations, including through creating physical or cognitive effects. They might even purposely undermine trust in other countries’ products and services. There are already reports that the U.S., Chinese, and Russian governments, or entities widely suspected doing their bidding, have enacted or are contemplating several highly secretive operations.

All three countries have been accused of efforts to manipulate their own or each other’s supply chains. Particularly notable are U.S. claims alleging a vast Chinese effort to insert compromised motherboards into U.S. supply chains.⁶ Western intelligence agencies have blacklisted Lenovo computers due to suspicions that backdoors were giving the Chinese government access to data.⁷ The U.S. intelligence community has alleged that Russian actors compromised the product supply chains of at least three industrial control system vendors (that run critical U.S. infrastructure) to distribute malware via legitimate software updates.⁸ Meanwhile, classified documents leaked by Edward Snowden have been used to accuse the U.S. National Security Agency of compromising encryption used by security vendors and inserting backdoors into products.⁹

Although typically carried out in secrecy, state actors view their operations as legitimate. Explicit legislation in several countries provides a legal basis for states to engage in such action.¹⁰ China’s Cybersecurity Law, 2017, requires companies to provide “technical support” to national security and law enforcement investigations and to subject their products to governmental security reviews. Russia’s recent anti-terrorism law, 2017, similarly requires companies to provide decryption keys to the Federal Security Service to give them access to communications. Australia’s 2018 amendment to its telecommunications law has been widely interpreted to give the government authority to force companies to provide backdoor access to encrypted communications.

It is practically impossible to assess the scope of state interventions given the numerous ongoing revelations and allegations. This is due to the secrecy and compartmentation surrounding such operations and how difficult they are to detect. Interventions may also be technically indistinguishable from vulnerabilities deliberately or inadvertently introduced by producers. Vendors are increasingly building remote access mechanisms into their products for various purposes, including gathering information on product usage, conducting maintenance, implementing upgrades, and extending service contracts to enhance revenue. However, such features could be hijacked by malicious actors to target vendors’ customers, or even abused by corporations themselves for unsavory purposes (such as to illicitly collect information on their customers). Moreover, governments might persuade or compel corporations to allow them to exploit these features. Even sophisticated corporations might be inadvertently opening the door due to delivering products with inherent, unacknowledged (or undetected) security weaknesses and vulnerabilities (see box 2).

Although uncertainty about the scope and origin of interventions will likely persist, increased awareness of the potential consequences is generating some favorable dynamics. Technology developers and suppliers, buyers, governments, and nongovernmental organizations are undertaking various initiatives to prevent and manage supply chain problems through both unilateral and collaborative efforts. Most of these initiatives focus on requirements, standards, and guidelines to enhance supply chain integrity, as laid out in sophisticated supply chain risk management practices.¹⁷ Other initiatives, mostly in Europe, focus on elaborate processes for certifying products and vendors. For instance, the European Union (EU) Agency for Network and Information Security is helping to develop a common EU-wide certification framework for ICT products.¹⁸ At the national level, the French Network and Information Security Agency already has a process for evaluating and certifying the security of ICT products.¹⁹ Meanwhile, the U.S. Department of Homeland Security leads an ICT Supply Chain Risk Management Task Force launched in 2018 to facilitate public-private cooperation on managing cyber threats to the global ICT supply chain.²⁰

But while these efforts are beneficial, they heighten concerns about the broad balkanization of the supply chain and focus mainly on the management of risks associated with accidental flaws or vulnerabilities in hardware and software. No similar, comprehensive effort has thus far tackled deliberate interventions by states and corporations—a deficiency that will become more problematic in the coming years. There are at least seven clear reasons why governmental supply chain manipulations will remain, or become increasingly, attractive:²¹

1. They can generate larger troves of intelligence on targets of interests, without having to conduct risky espionage operations or have an on-the-ground presence.
2. Innovations like 5G technology, 3D printing, machine learning, and other data-driven processes as well as new governance structures (such as smart cities and grids) both greatly increase the attack surface for interventions (for example, through adversarial learning) and expand the scope of potential consequences.
3. They could produce other useful and sometimes unique effects—for example, to degrade performance in the context of covert actions, most notably both for counterproliferation (such as Stuxnet) or counterterrorism (such as in the fight against the self-proclaimed Islamic State).
4. Platforms can be created to set a time for initiating desirable military operations (for example, against critical infrastructure or nuclear assets) in the course of armed campaigns, especially in the early phases of warfare or gray zone confrontations.
5. There can be a significant time lag between interventions and effects, between embedding a platform for future attack and the ability to reap the benefits of such operations. But the time and effort required to establish well-placed bridgeheads and the uncertainty of success creates a strong incentive to insert such capabilities well in advance of their utilization, even in the absence of a decision to trigger their effects.
6. Extreme secrecy and compartmentation increase the lure of such operations (and the ability to minimize some of the attendant risks of carrying them out).
7. Strategic and commercial competitors may seek advantage in hyping and politicizing legitimate supply chain concerns, even if this could further erode trust in the integrity of the ICT/OT supply chain.

These incentives—as well as inevitable flaws in hardware and software—mean that supply chain interventions will persist and total trust in the integrity of products and services will not be achieved. But given the potential destabilizing consequences that supply chain untrustworthiness could impose on national and global economies, governments and corporations have objective interests in taking complementary steps to enhance supply chain integrity and mitigate the adverse impacts of manipulations. As they do so, they will need to answer a central question: What is the proper balance between the desire of governmental agencies to compromise, and take advantage of, supply chains vulnerabilities in the interest of national security and the desire of practically everyone else to enjoy trustworthy ICT/OT products and services?

To help move the discussion forward, this paper proposes obligations that governments and corporations should undertake to prevent, manage, and redress interventions as well as diminish weaknesses and vulnerabilities that place the integrity of ICT/OT supply chains at serious risk. It also offers ways to encourage governments and corporations to adhere to these obligations, as well as measures to discourage all others from impeding them. The proposed obligations are divided into four mutually reinforcing categories: trust, accountability, transparency, and receptivity. Taken together they constitute a normative framework that governments and corporations could adopt, effectively binding themselves to do no harm to the ICT/OT supply chain. Broad adherence to them will go a long way toward rebuilding confidence in the integrity of this supply chain.

These obligations, and the ways to anchor them and incentivize and verify compliance with them, are the culmination of extensive interviews with current and former senior government officials and the legal and security officers of leading ICT vendors in multiple countries, including the United States, Europe, China, and Israel.

The research was originally designed to focus solely on government manipulations of ICT/OT products and services, but the government officials interviewed indicated that curtailing the manipulation of products and services would be more feasible if corporations adopted corresponding obligations that enabled states to meet legitimate national security and law enforcement responsibilities. In turn, the legal and security officers interviewed highlighted the need for incentives that would reward those who abide by the obligations and penalize those who do not. The central concerns then became how to verify that the commitments are being fulfilled, how to assess and attribute allegations of supply chain manipulations, and who should do it. In sum, the obligations, incentives, and verification arrangements proposed in this paper grew organically from many iterative engagements with leading technical and policy experts from government and industry. The result is a rather complicated, nuanced package of proposals. While a simpler package would be desirable in many ways, it would not realistically meet the core needs of the various stakeholders.

Substantive Governmental Obligations

In carrying out any intervention, states have a major responsibility—to minimize harm to the ICT/OT supply chain. This could be fulfilled by either refraining from conducting systemic interventions in the supply chain or at least minimizing the negative consequences of interventions by narrowing their scope and building safeguards into them. Such policies and actions would complement policies and requirements that states already pursue to enhance their own procurement processes or to inspire others to follow.

Refrain From Systemic Interventions

One major commitment governments can undertake to enhance trust in the integrity of ICT/OT products and services is to refrain from introducing systemic interventions in the supply chain. There is a key distinction between discrete and systemic interventions. A discrete intervention, such as placing an implant in a single piece of industrial control software destined for a specific target, could meet a significant national security need and have a relatively limited and predictable effect. Whereas a systemic intervention affecting all “copies” of a type of hardware or software or in an entire series, version, model, or production line, could have far wider and much more serious implications. There are gray areas, of course, such as when interventions affect all copies of a product that is intentionally offered only to a limited clientele or when interventions affect a limited production run destined for one customer or customer state.

The commitment of even a few governments that would otherwise have the motivation and ability to carry out systemic interventions would make a real difference. Their agreement would go a long way toward addressing customer and vendor concerns and, in turn, make the opposing position of other governments increasingly less tenable. It would be relatively easy to verify compliance by demonstrating that an intervention is not systemic. The legitimate space for interventions would gradually be scaled back to discrete cases²² involving certain products that governments strongly suspect are being destined for, in route to, or already possessed by the “wrong hands.”²³

Eschewing systemic interventions while allowing discrete ones could strike a welcome balance. National security interests could still be pursued through discrete interventions, while refraining from systemic ones would serve the commercial and public interests in uncompromised systems.²⁴ In a world with so many unintentional vulnerabilities and other attack surfaces, governments have little need to create new ones. Many governments have existing legal arrangements for information sharing that allow them to acquire similar kinds of intelligence without having to compromise products. These could be refined to meet both the intelligence needs of governments and the transparency needs of corporations. Furthermore, regarding the parameters of discrete interventions, current legal information-sharing arrangements between corporations and governments already abound. They could be further refined, working out appropriate modalities and mechanisms for making such intervention requests acceptably transparent.²⁵

One issue to consider, however, is the possible distinction between interventions in the domestic and international supply chains. Some governments may consider it essential and reasonable to intervene in their own domestic supply chain. These governments may legally (or otherwise) compel suppliers and service providers operating in their sovereign domain to cooperate, as they do, for example, in requiring them to reveal source code or retain data. This obviously diminishes overall trust in their supply chain and makes it especially difficult for compliant corporations to expand into the international marketplace. However, even in these cases, it would be worth securing the government and corporations’ commitment to refraining from systemic interventions when operating internationally. Competitors will make a significant effort to verify adherence to these commitments.

Introduce Safeguards

Regardless of whether states refrain from using systemic interventions, the international system would greatly benefit from establishing operational and technical safeguards to minimize the adverse, unintended effects of interventions. Operational measures could include refraining from interventions in products designed for sensitive sectors or applications (for example, software or hardware intended for medical applications). States could also renounce, or at least severely restrict, interventions in operational technologies that support critical infrastructure (for example, nuclear power plants, and water supply systems) or disrupt and degrade financial transaction.

Ideally interventions should not be designed to introduce self-replicating, self-propagating, or deep persistency features into ICT products and systems.²⁶ Such features can help overcome network defenses, making them attractive for intelligence collection and covert operations, but their ability to replicate or spread can have significant unintended consequences, including enabling adversaries to reverse engineer them. These consequences, in turn, threaten the reputation and brand value of all the companies affected.

If states refuse to rule out self-propagating, self-replicating, and deep persistency features because of their intelligence appeal, they should at least commit to build in safeguards that seriously constrain and mitigate their adverse effects. Very specific targeting parameters could ensure that any malware intended to alter the performance of a system could only be triggered by precisely defined circumstances in the target environment. For instance, the Stuxnet worm that targeted Iran’s nuclear centrifuges only deployed its payload against a specific line of Siemens programmable logic controllers (PLC) in the precise configuration used in Iranian facilities.²⁷ Thus, even as it unintentionally and unexpectedly spread to tens of thousands of computers around the world (likely including others with the same industrial control systems) Stuxnet did not damage them because of certain ad hoc safeguards that were purposefully built into the malware.²⁸

Another safeguard could be a built-in “expiration date” for the intervention’s effects. Stuxnet, for example, was programmed to stop replicating after June 24, 2012. Other feasible safeguards include a kill switch (to immediately terminate its adverse effects) as well as the development of a parallel ready-to-introduce fix that could quickly eliminate the vulnerability being exploited. This could also enable the intervention to be terminated, withdrawn, or patched once its utility expires or when the consequences of its introduction prove to be excessive.

Procedural Governmental Obligations

A second approach to minimizing harm to the ICT/OT supply chain could be procedural and apply to both systemic and discrete interventions.

Assess the Risks and Require Approval

To enhance trust a