FBI investigation into counterfeit Cisco hardware

[Drave]

Full story and the FBI's presentation at this link (it's worth reading):
FBI Fears Chinese Hackers Have Back Door Into US Government & Military, page 1

Story picked up on Slashdot: Slashdot | FBI Concerned About Implications of Counterfeit Cisco Gear

Quote:

FBI Fears Chinese Hackers and/or Government Agents Have Back Door Into US Government & Military Computer Networks


Some months ago, my contacts in the defense industry had alerted me to a startling development that has escalated to the point of near-panick in nearly all corners of Government security and IT infrastructure. The very-real concern, being investigated by the FBI, is that either the Chinese government or Chinese hackers (or both) have had the benefit of undetectable back-doors into highly secure government and military computer networks for months, perhaps years. The cause: a high-number of counterfeit Cisco routers and switches installed in nearly all government networks that experienced upgrades and/or new units within the past 18 months.

News of the counterfeit Cisco equipment has been in the mainstream for some time:
Co llaborative Current Event: Counterfeit Cisco Network Hardware Imported From China Seized
Chinese Counterfeit Cisco Network Routers Targeted In North America
Counterfeit Cisco Gear Showing Up In US
But the US government has been attempting to avoid these issues by only using higher-end Cisco partners/suppliers for the gear. However, the highly-competitive lowest-bid environment of government procurement has inspired several vendors to look for cheap alternatives for hardware... resulting in a catastrophic meltdown of security.

A few weeks ago, my sources have been providing information on a scathing investigation summary by the FBI. They've indicated that a critical Powerpoint document has been quietly circulating after a few internal presentations. While the Powerpoint presentation has been labeled unclassified, it is an official FBI publication and has been hard to track down. Thanks to key clues provided last week by two sources (both of which do not have the presentation, but have seen it), specific searches on the content of the document have turned up an online source, and I've provided all pages of the document below, along with the link to the discovered source. (The ATS upload would not allow a PPT file)

As you can see, the FBI is concerned about critical infrastructure damage, AND, the potential of access to secure government systems. Many online IT circles have been speculating that the counterfeit hardware will provide backdoor capabilities and access into compromised networks for the originators of the equipment. In fact, some areas of speculation regarding the counterfeit Cisco equipment has focused on the possibility that the hardware is being manufactured expressly to deploy exploitable systems far and wide into the wild. The rationale being that the likely "wholesale" price of the counterfeit routers and switches are so low and profit margins likely very thin, that the only real advantage may be gained from downstream system exploits in the future.

The threat is real. Compromised hardware of potentially hostile foreign origin sits within secure networks of the US government, military, and intelligence services. And as you now see, the FBI has been concerned about it.

[Malakriss]

Seriously, China is trying it's best to become the next USSR.

[Soriak]

I'd be surprised if the US weren't trying to sneek a peak into China's secrets... I mean, the US did wiretap members of the UN security council: Revealed: US dirty tricks to win vote on Iraq war | World news | The Observer

[Drave]

Quote:

Originally Posted by Soriak

I'd be surprised if the US weren't trying to sneek a peak into China's secrets... I mean, the US did wiretap members of the UN security council: Revealed: US dirty tricks to win vote on Iraq war | World news | The Observer

This isn't just about the U.S., if you think about it. The PPT presentation diagrams paths through Europe, etc.

[Quineloe]

Quote:

Originally Posted by Malakriss

Seriously, China is trying it's best to become the next USSR.

So who will win the race to that goal, the US or China?

[Drave]

Quote:

Originally Posted by Quineloe

So who will win the race to that goal, the US or China?

/ignore troll.

[Quineloe]

Quote:

Originally Posted by Drave

/ignore troll.

Who the fuck is this guy?

[Soriak]

Quote:

Originally Posted by Drave

This isn't just about the U.S., if you think about it. The PPT presentation diagrams paths through Europe, etc.

Yeah, but European countries are probably doing just the same.

Swiss may have known about secret CIA prisons - swissinfo

Quote:

According to the SonntagsBlick, Swiss military intelligence intercepted a fax received by the Egyptian embassy in London supposedly confirming the existence of the detention centres.

The message was picked up by the secret service's Onyx satellite listening system on November 10, just three days after the Council of Europe launched its investigation into allegations that the CIA was running secret interrogation centres in Europe.

[Tolanin]

i thought everyone knew about those, secret prisons in eastern europe have been a joke ever since the ussr got out of there... i doubt anyone knew where they were but who didnt think they existed.

[Drave]

Secret prisons aside... the routers/switches that connect damn near everything are basically suspect. Even Cisco "authorized" resellers were selling counterfeits.

[Gurgeh]

Quote:

Originally Posted by Drave

This isn't just about the U.S., if you think about it. The PPT presentation diagrams paths through Europe, etc.

So what ? Everyone's spying everyone. News at eleven ? You can't possibly be offended by what China seems to be doing and not be offended by what your intelligence agencies (whether you live in the US or anywhere else for that matter) are doing...

Nice trojan, was brilliant, just say gg !

[Elurin]

I haven't heard much concern.

This would only likely effect unclassified networks. It's incredibly unlikely an outsider would be able to hack a Secret/Top Secret network. The US has far more to worry about with espionage than wazoo plans involving counterfeit routers.

[Indiana]

I for one welcome our new chinese overlords.

[Jysin-DW]

Pretty much what Elurin said. Despite whatever trojans they may place, the inbound / outbound of any Secret / Top Secret facilities have multiple levels of hard encryption. Without the keys, its useless trying to make out any of the data on those trunks.

Some of the higher level trunks are run on Military only networks (100% isolation) + the encryption to deal with.

It is still a huge blow and will no doubt have the gvmt scrambling to replace the potentially affected hardware.


Another thumbs up to outsourcing!!

[Daerath]

Quote:

Originally Posted by Drave

Full story and the FBI's presentation at this link (it's worth reading):
FBI Fears Chinese Hackers Have Back Door Into US Government & Military, page 1

Story picked up on Slashdot: Slashdot | FBI Concerned About Implications of Counterfeit Cisco Gear

LOL! A story that originated on Above Top Secret. That's barely one step above saying you read it in a tabloid.

Hardware was seized, but I can honestly say that I work in the industry and there is no "near-panic" over the seizure of counterfeit equipment. There is very little mention of it in fact.