For years, low-cost offshore 3D-printing OEMs have flooded the market with machines that look modern, are inexpensive, and “good enough.” But beneath the glossy marketing, a more dangerous reality is beginning to surface: these devices are increasingly functioning as unmonitored digital conduits into Western factories, defense suppliers, and research labs.

Recent revelations from U.S. agencies and cybersecurity researchers make one thing clear:
trusting unvetted foreign OEMs with access to your production data, designs, firmware, and networks is no longer a cost-saving strategy. It’s a supply-chain vulnerability.

A National Security Wake-Up Call: CISA’s AA25-239A Advisory

In August 2025, the Cybersecurity and Infrastructure Security Agency (CISA) issued advisory AA25-239A, which describes a PRC-affiliated threat group that has penetrated operational technology (OT) networks using compromised hardware, legitimate-looking updates, and supply-chain footholds.

Direct quote from the advisory:

“PRC cyber actors have leveraged access to compromised equipment and vendor ecosystems to maintain persistent access to U.S. critical infrastructure.” — CISA AA25-239A

Let’s translate that into manufacturing terms:

If your 3D printer’s firmware, telemetry, cloud service, or update channel is controlled by an untrusted foreign entity, you’ve effectively installed a managed endpoint for someone else, not for you.

The advisory highlights a pattern:
Attackers aren’t smashing down the front door - they’re walking in through the supply chain, disguised as the vendors you thought you could trust.

How Does This Happen? The Register’s Investigative Reporting Shows the Playbook

The Register, in its August 2025 article “How does China keep stealing our stuff?”, outlines exactly how offshore organizations continue acquiring Western technology and IP despite export controls. The reporting describes a long-term strategy of embedding within global supply chains, using inexpensive, ubiquitous hardware as leverage.

One line stands out:

“The success of China’s operations lies in how deeply embedded their suppliers and technology intermediaries have become in Western commercial ecosystems.” — The Register, 2025

This is the quiet truth no one in manufacturing wants to say out loud:

When you bring an untrusted foreign OEM machine onto your factory floor, you’re not buying equipment, you’re importing a relationship with an ecosystem you cannot audit and do not control.

And that relationship includes:

• Unknown firmware origins
• Remote update channels hosted offshore
• Data exfiltration paths through innocent-seeming telemetry
• Embedded components sourced from state-influenced suppliers
• Potential backdoors hidden behind “remote diagnostics”
  
   

As The Register bluntly notes, “access” isn’t taken. It’s engineered into the supply chain from the start.

Digital Manufacturing Has a Security Perimeter and Cheap OEMs Punch Holes in It

Many foreign OEMs selling bargain printers into the U.S. don’t talk about security because they can’t.
They can’t prove:

• Where their firmware is authored
• Who has signing authority
• How many subcontractors have visibility into your print files
• Whether remote access is truly disabled
• How their cloud platforms are monitored
  
   

If you ask, they’ll point you to a PDF.
When you ask us, you’ll get real answers directly from our engineers and leadership team.

Because the truth is simple: These vendors are optimized for cost, not trust.

And trust is the real currency of Industry 4.0.

Markforged’s Position: A Secure, Controlled, Digital Forge

Markforged intentionally takes the opposite approach.

• U.S.-based cloud infrastructure
• Secure firmware signing
• Ability to be 100% offline

When you print a part on the Digital Forge, you know exactly:

• Where your data lives
• Who can touch your machines
• How updates are provided and validated
  
   

This is why defense, aerospace, and automotive customers rely on Markforged, not just as a machine vendor, but as a secure industrial partner.

What’s at Stake: Your IP, Your Customers, and Your Credibility

Cheap hardware is never cheap in the long run.

The biggest cost isn’t downtime or broken nozzles - it’s loss of control over your proprietary designs, your production workflows, and your operational integrity.

If you wouldn't let an unknown actor into your factory, don’t let their hardware in either.

The future of manufacturing belongs to those who take security seriously.

And in a world defined by digital supply chains, security is the new differentiator.