Supply Chain Security: Chinese Influence on U.s. Industry

Earlier this month, Bloomberg issued an alarming report alleging that Chinese manufacturers installed malicious microchips in computer equipment destined for U. S. tech companies, such as Amazon and Apple. This same article even insinuated that some of the effected equipment made its way into the Department of Defense and the CIA. While the aforementioned companies and agencies have vehemently denied this attack by the Chinese, it begs the question: Could this actually happen? The prospect of a foreign adversary implanting microchips onto computer servers with the goal of disrupting and monitoring the digital activities of millions of Americans is to say the least, frightening. American tech companies in the computer manufacturing industry must have a competent, vigilant yet aggressive supply chain management apparatus in order to avoid these types of scenarios.

To truly grasp the threats to supply chain management, it must first be adequately defined. Supply chain management is a broad term that encompasses efforts to reduce internal as well as external threats such as terrorism and piracy, both with regards to cyberattacks as well as in reality. These threats are not just confined to U. S. government systems or to giant tech companies, but also to the general public at large. In order to analyze this issue, we must ask: How did we get here? According to the Defense Intelligence Agency’s 2018 Worldwide Threat Assessment, China’s armed forces continued implementing sweeping organizational reforms that President Xi Jinping unveiled in 2015. This reorganization is the latest phase in China’s long-term military modernization program, which has been characterized as essential to achieving great-power status and what Chinese leadership deems the “China Dream of national rejuvenation. ” Chinese leadership portrays a strong military as critical to advancing China’s interests and ensuring that China can defend itself and its sovereignty claims.

This “rejuvenation” seeks to enhance the capabilities of the Chinese military to improve many of its operations, most notably, to strengthen the Chinese Communist Party’s control over the military. The changes instituted during the past year reduced the size of the Central Military Commission, streamlined its control over the PLA and propagated reform to lower level units and below. The PLA also is strengthening its joint operational command system and developing its new Strategic Support Force, which consolidates cyber and electronic warfare.

Last year, according to a report in the Financial Times, China announced a 6. 5 percent increase in its annual military budget, to $154. 3 billion, second only to the United States. This budget extends more than two decades of annual defense spending increases, which leads China to be able to sustain cyber operations for the foreseeable future. A major investment in China’s military budget, specifically in the consolidation of its cyber operations, can lead to an explanation at possible issues with supply chain management and security.

While China continues to modernize its military cyber operations, another avenue for potential conflict in supply chain management is the ongoing tension between the United States and China on trade. The Trump administration has made computer equipment and networking hardware a focus of its latest round of trade sanctions against China, and White House officials have made it clear they think companies will begin shifting supply chains to other countries as a result. Such a shift might assuage officials who have been warning for years about the security of the supply chain. However, persistent trade imbalances and uncertainty with trade policies by the current administration will continue to pose challenges for US economic security and supply chain management. Whether it is from China or another actor, adequately identifying the intentions and capabilities of the adversary is key to mitigating any potential risk. Realizing the intentions of the adversary will help identify any potential vulnerability in the supply chain process. Another mitigating factor is identifying the adversary’s capabilities. Are they actually capable of disrupting the supply chain process? If so, how can they do it? Identifying an adversary’s capability is key to finding countermeasures to potentially stave-off an attack.

In order to ensure threats to supply chain management are minimized, certain measures must be taken. While some of the responsibility lies within the organization, there are some measures the government could take as well. For example, the European Union has enacted certain measures mandating that businesses must analyze data privacy and security risks prior to sharing consumer information with suppliers, vendors and outsourcing partners. The economic wellbeing of the United States is dependent on the expeditious flow of millions of cargo shipments that arrive each year. Thus, it’s the responsibility of Customs and Border Protection (CPB) and the Department of Homeland Security to ensure the smooth flow of goods into and out of the United States. However, CPB can’t inspect every piece of computer equipment and software coming from places like China, especially without technological resources and training that could ultimately cost millions of dollars. Therefore it must be the responsibility of the organization to examine products received from third party manufacturers.

There are some obvious measures that can be taken as an organization to deter disruptions in the supply chain process. Take into account the actions taken by Dell, widely recognized as having one of the more supply chain management systems in the tech community. Collaborating with other leaders in the industry as well as manufactures and suppliers, Dell has set high standards to protect the supply chain system by taking a more consumer-focused approach. By taking an approach that’s focused on customer needs, several options are offered to customers, options the company controls but ones that allow customers to choose a customized product. The customer’s decision then pulls demand for the computer manufacturer by dictating what equipment is needed within its supply chain.

A customer centric approach allows for a limited supply chain and thus allows for easier monitoring of what goods flow through the supply chain. Minimizing what moves through the supply chain can then allow for the organization to allocate resources to combat possible threats to any number of parts throughout the supply chain process. As an additional approach, Dell has committed itself to focusing on being transparent in how it conducts various aspects of supply chain management. In being transparent with consumers up to suppliers and higher echelons in the organization, it holds accountable its practices throughout the manufacturing process.