Given the complexity and opacity of the microelectronics supply chain, it’s currently almost impossible for operators to secure critical hardware. The offshore manufacturing of microelectronics increases the potential for intentional corruption or vulnerabilities stemming from recycled or outdated components. Moreover, the unresolved global semiconductor shortage introduces even more risk as suppliers may turn to less reputable subcontractors (even state-owned entities) out of desperation.
In short, the global electronics industry has evolved faster than the tools available to address the increasing hardware cyberattack surface. As offshore-manufactured hardware is integrated into the technology stacks of US companies’ critical infrastructure, these vulnerabilities are embedded in the networks that every person and industry relies on for daily operations. It’s vital to continuously assess risk, knowing that the genealogical pattern of software and hardware production creates a ripple of vulnerabilities across versions. Without a rigorous process of scanning, our infrastructure can be exploited across multiple components.