This week, US lawmakers have introduced a bill that calls for the federal government to only purchase communication technology products from original manufacturers or authorized dealers, in order to avoid goods sold by “gray market sellers” and reduce the risk of cyber attacks. This is the latest move by the US Congress to address network threats posed by the Chinese Communist Party.
US Congressman Pat Fallon stated in a press release on Friday, September 13th, that he introduced the “SAFE Supply Chains Act” this week, aiming to strengthen US cybersecurity and mitigate the risk of procuring harmful products.
Fallon pointed out that adversaries like the Chinese Communist Party, Russia, Iran, are increasingly exploiting security vulnerabilities, with the US government facing “millions of attacks” each day. At the same time, artificial intelligence (AI) is intensifying network threats.
“The proliferation of artificial intelligence allows our enemies to conduct aggressive cyber operations at an extremely fast pace, potentially launching devastating attacks on the most sensitive networks of the United States,” warned Fallon.
He highlighted that adversaries like the Chinese Communist Party have been attempting to sell harmful goods to the US government through “gray market sellers”.
“While these products are sold in the market as legitimate hardware, they enable our adversaries to gain access to US government systems, making it easier for them to carry out subsequent cyber attacks. This is unacceptable,” Fallon emphasized.
“We are at a turning point, which means we must do everything in our power to protect our vulnerable systems from enemy cyber attacks and intrusions,” he stated.
The term “gray market sellers” refers to market channels that sell branded goods without proper authorization from the trademark owner. Some sellers may bypass regulations and offer counterfeit goods, posing serious security threats.
In May of this year, the US Department of Justice stated that a resident of Florida had been selling a large number of counterfeit Cisco equipment over the years, most of which originated from China and Hong Kong.
Prosecutors revealed that counterfeit equipment worth hundreds of millions of dollars had infiltrated US hospitals, schools, highly sensitive military and other government systems, including platforms supporting advanced US combat aircraft and military planes.
At the time, the Chief of the Criminal Division at the Department of Justice, Nicole Argentieri, said, “Criminals have flooded the supply chain with inferior network equipment from China and Hong Kong, harming US businesses, posing serious health and safety risks, and jeopardizing national security.”
The Department of Justice noted that these counterfeit devices present “numerous performance, functionality, and security issues,” with their failures causing “significant harm to users’ networks and operations”.
The Senate version of the bill was jointly introduced by Republican Senator John Cornyn and Democratic Senator Gary Peters in July of this year.
The “SAFE Supply Chains Act” has also garnered support from industry leaders. Jeff Campbell, Chief Government Affairs Officer at Cisco, stated in a release, “Counterfeit components can damage federal IT systems, posing a necessary, evident, and real danger that must be addressed.”
Campbell added, “At Cisco, we understand that the security of technology is fundamentally linked to the credibility of its source, and we support the ‘SAFE Supply Chains Act’ to ensure that the lifeline of government digital infrastructure comes from secure and reputable sources.”