As the fallout from a spate of fake jet engine parts ripples across the globe, civil aviation operators and regulators may take some solace in the dark truth that they’re not alone. Even the world’s most powerful military has suffered at the hands of counterfeit goods slipping into its supply chain, and is struggling to close loopholes and train personnel to stamp out the problem.

A little-known company founded in the English seaside town of Hove, called AOG Technics Ltd., is the starting point for a catalog of bogus products including nuts, bolts, and friction dampers, a Bloomberg News investigation found. There are more than 22,000 CFM jet engines, made by Paris-based Safran SA in conjunction with General Electric Co., currently in use. It’s unclear how many have these components inside or whether they’ve led to any incidents, but crashes directly linked to fake parts have been documented in the past.

Safety vulnerabilities would likely be an unfortunate byproduct of AOG’s attempt to skim clients by selling cheaper, refurbished components instead of sourcing new items. For the U.S. military, the risk is far bigger than monetary loss.

“Parts and materials that could present an adversary with a specific strategic advantage are a target to be counterfeit,” reads a U.S. Army pamphlet published in January. “Malicious insertions can result in system data being reported to an adversary, monitoring of a system by an adversary, or enabling an adversary to control the system.”

The purchase and installation of fake parts isn’t just some hypothetical scenario thought up by a paranoid military. It’s happened time and again, and likely persists to this day.

In one case involving more than 400 displays installed in US C-130J and C-27J military aircraft, failure rates escalated to almost a third of all units tested, including one incident while the plane was in use. The problems occurred after defense contractor L-3 Communication Display Systems placed an order, via a U.S. distributor, to a Shenzhen supplier in southern China for 4,500 memory chips manufactured by Samsung Electronics Co. That distributor specified clearly that it would only accept the shipment if sample pieces were approved. Not a problem: The Chinese vendor handpicked 18 genuine chips and sent them to the client for testing. They passed. An order for another 6,000 was placed. The chips were fakes.

A similar example occurred with more than 300 semiconductors used in systems to detect icing on aircraft wings purportedly made by San Jose, Calif.-based Xilinx Inc., but which were actually found to be knockoffs, again originating from Shenzhen. Another 3,000 bogus chips used for navigation and flight tracking that were discovered could also be traced to sources in China. A U.S. Senate report published in 2012 found that fakes were ending up in thermal weapons sights, missile interceptors, and even in computers used in the Terminal High Altitude Area Defense (THAAD) system.

Fake products in the military became so endemic that the Senate’s Armed Services Committee requested the Government Accountability Office investigate. It did so by setting up a shell company and launching a sting operation that netted hundreds of respondents. The dummy company ended up buying 16 parts from 13 vendors. Every single one was found to be counterfeit, and all were sourced from China.

Rip-off components aren’t limited to electronics. In its Product Assurance Handbook, the Army noted that while electronic equipment is the most-common category, non-genuine products were frequently found among engine accessories such as filters, plumbing parts including pipes and basic hardware items like washers and screws. Investigations by the GAO have turned up substandard titanium used in fighter jets and brake shoes made with materials including seaweed. Part of the problem, a 2010 report found, is that the Pentagon lacked a department-wide definition for the word “counterfeit.”

Theoretically, electronic systems and components should be easier to trace. All chips have a serial number etched onto them, and although this can be washed off and replaced, electronic and physical inspection means catching fakes largely requires suppliers to actually try. Mechanical parts are more difficult to verify, as the current case of CFM shows.

But it’s not impossible. Reports of knockoffs have fallen since the Department of Defense started implementing its Counterfeit Prevention Policy, which includes working quickly to identify and report suspected cases of fake parts, and boosting training across the armed forces. More can be done, including tapping into and sharing with civilian organizations. The fact that commercial operators like Safran were caught in the same type of deception as the military shows that while determined hostile governments may seek to exploit vulnerabilities, a lot of this fraud is target-agnostic. Cases outlined in U.S. Senate inquiries show that a broad array of contractors are falling victim to the same collection of perpetrators with the same goal: to make easy money.

There’s help outside the military. Michigan State University’s Center for Anti-Counterfeiting and Product Protection, for example, maintains a database of schemes that target industries from pharmaceuticals and food, to auto parts and electronics. That collection is drawn from a range of sources including the FBI and Interpol. Malicious actors rarely have one victim, so keeping track helps reveal instances and allow procurement professionals to keep apprised of new developments.

With the AOG case highlighting key vulnerabilities, government inquiries and new laws will undoubtedly follow. That should mean a more secure supply chain, but like aviation safety itself, the mission is never over.

Tim Culpan is a Bloomberg Opinion columnist covering technology in Asia. Previously, he was a technology reporter for Bloomberg News. This column does not necessarily reflect the opinion of the editorial board or Bloomberg LP and its owners.