Should we be sending the plans for sophisticated U.S. military technology to the lowest bidder? Should critical computer coding for our defense systems be done by low-paid employees who haven't passed security checks? Should contractors around the world have inside information about our telecommunications and electrical networks? More and more, that's what's happening, and security experts are worried.
- In California, security experts have expressed concern about the offshoring to Thailand of critical design plans for the state’s electrical grid.1
- Some of this country's
highly sophisticated military hardware is made outside of the U.S. GE, for example, scatters the design and production of the engine for the F414 Advanced Fighter among several countries, thereby disseminating insider information about design that could be used for sabotage.
- Defense industry insiders are worried about computer coders hiding malicious code in programs they develop for the Dept. of Defense. Such code, which can be practically impossible to trace, has the potential to wreak havoc on users. The greater the outsourcing, the higher the level of risk embedded in the final product.2
- The government's own watchdog agency, the General Accountability Office, has questioned the management of risk for offshore outsourced software.3
- Likewise, the Congressional Research Service warns that offshoring software development and code writing will pose serious security issues for years.4
- The very process of contracting builds in incentives for contractors to seek out low-cost sub-contractors domestically and offshore and security concerns can be ignored.5
- While some security work is sent offshore, foreigners on work visas at domestic contractors perform other critical tasks, and visa-holders are not vetted for security concerns. As early as 1998, the FBI expressed concern about the relationship between outsider access to critical information technologies within the national infrastructure is shared by law enforcement agencies.6
- The Bush administration has opposed attempts even to collect data on defense-related offshoring. In fact, in the pitched battles over the Build American amendments to the Defense Authorization legislation in 2003 and 2004, Secretary of Defense Rumsfeld recommended jeopardizing the entire Defense budget if such an amendment were included. That shows the zeal with which the administration views offshoring.
So, what can we do about it?
>> Ahead to The Conspiracy of Secrecy
<< Back to Your Taxes at Work—Overseas
1David Lazarus, “Crucial PG&E Design Information Goes to Thailand,” San Francisco Chronicle, 11/5/03.
2Mark Willoughby, “Hidden Malware in Offshore Products Raises Concerns,” Computerworld, 9/15/03.
3General Accountability Office, Defense Acquisitions: Knowledge of Software Suppliers Needed to Manage Risks, GAO-04-678, 5/25/04.
4Clay Wilson, Network Centric Warfare: Background and Oversight Issues for Congress, Congressional Research Service, RL32411, 6/2/04, available at www.fas.org/man/crs/RL32411.pdf
5Matthew French, “The Outsourcing Hole,” Federal Computer Week, 7/19/04.
6See Louis Freeh, “Threats to U.S. National Security,” Testimony of the FBI Director before the Senate Select Committee on Intelligence, 1/28/98.
