Giving Preference to Domestically
Manufactured Electronic
Goods
Domestically
manufactured electronic products are expected to be more secure because
effective monitoring processes can be put in place for manufacturing processes
of security
sensitive electronic
products
With increasing deployment of electronic devices and Information
Technology applications in various sectors, the critical applications and
associated infrastructure are becoming vulnerable to cyber attacks including
espionage, financial theft and cyber terrorism. The forms of attack include
backdoors, malicious code, identity-theft and information warfare. Instances of
malware and other cyber attack tools pre-loaded on to electronic hardware
equipment have been detected world-wide. Imported software and hardware IT
products are often shipped with maliciously embedded malware. There have been
concerns about supply chain security as computers, portable devices and other
electronic devices pass through several suppliers before the final product goes
on sale and somewhere along line someone could compromise a component or design
a capability that could enable cyber attacks. Backdoors are not necessarily limited
to software applications as hardware components, such as Embedded Radio
Frequency Identification (RFID) chips or hardware encryption products could be compromised.
Even critical infrastructure in civilian sector like Power System is being targeted
with targeted attacks on Supervisory Control and Data Acquisition Systems
(SCADA) emerging.
Using modified hardware provide attackers with a fundamental advantage
compared to software based attacks. Due to the lower level of control offered
attackers can more easily avoid detection and prevention. Hardware encryption products
have also been found to be embedded with malicious software to enable leakage
of encryption keys and reduction of encryption strength. In all these
instances, the attack code is found to be hard coded in hardware.