Slashdot Mirror

← Back to Stories (view on slashdot.org)

FBI Says Military Had Counterfeit Cisco Routers

Posted by kdawson on from the who-do-you-trust dept.

There are new developments in the case of the counterfeit Cisco routers, which we have been discussing for some time. The NYTimes updates the story after an FBI PowerPoint presentation made its way onto the Web. It seems that experts at Cisco have examined some of the counterfeit routers in detail and proclaimed that they contain no back doors. Others don't believe we can be so sure. "Last month, [DARPA] began distributing chips with hidden Trojan horse circuitry to military contractors who are participating in the agency's Trusted Integrated Circuits program. The goal is to test forensic techniques for finding hidden electronic trap doors, which can be maddeningly elusive... The threat was demonstrated in April when a team of computer scientists from the University of Illinois presented a paper at a technical conference in San Francisco detailing how they had modified a Sun Microsystems SPARC microprocessor... The researchers were able to create a stealth system that would allow them to automatically log in to a computer and steal passwords."

5 of 186 comments (clear)

  1. And outsourcing.... by proudfoot · · Score: 5, Interesting

    Verification of the producer is essential here - and this is perhaps the moment where outsourcing will bite us in the ass. While you can only buy american made cisco routers, there is no doubt some chipsets made in it are manafactured overseas.

    1. Re:And outsourcing.... by UnknowingFool · · Score: 5, Interesting

      I don't know if that will be enough. I remember there was a story from the Cold War on how the CIA spied on the KGB. The KGB used Xerox copiers in their offices. I don't know if the CIA convinced Xerox to modify the copier or they modified it before the KGB received it, but the copier would record all copies to flash memory. Every so often, the CIA would have to retrieve the memory. The KGB eventually got suspicious that one machine seemed to be serviced all the time while the other one wasn't. They weighed both machines and found a tiny difference in weights. Eventually they found an extra board. That's my recollection of it. I can't seem to google for the backstory. Even if you bought 100% American parts, there is not guarantee that it wasn't tampered with during a routine repair and maintenance or tampered with in the manufacturing process.

      --
      Well, there's spam egg sausage and spam, that's not got much spam in it.
  2. "Counterfeit" not an issue... by Em+Adespoton · · Score: 5, Interesting

    From what I understand, the counterfeit routers are made in the same factories by the same people who make the real routers; they just keep the assembly line running past the hours that Cisco is paying them for.

    In this case, if Cisco is comparing the counterfeit routers to their legit ones, they should always be the same.

    The question this doesn't answer is this: does the LEGIT Cisco equipment contain back doors? How can Cisco be sure it doesn't? Most of the components are manufactured offshore and the assembly is done offshore. Have they examined each part with an electron microscope to verify it doesn't do anything more than what the spec says it should do?

    They can't just watch for network activity; these routers might be filtering and caching data waiting for the eventual physical removal of the router in the next upgrade cycle -- or, they might all have a kill switch built in, so someone can remotely take out ALL routers. There are an infinite number of possibilities to look for, and since Cisco doesn't manufacture everything in-house, they really don't have much hope of detecting that none of the infinite possible modifications have been made.

    1. Re:"Counterfeit" not an issue... by dreamchaser · · Score: 5, Interesting

      I am generally for free trade and against protectionism, but I am leaning more and more towards the need for a law that makes it mandatory that all gear (guns, routers, computers, coffee makers, etc.) purchased by the Government for any use that is even remotely sensitive be made in the US by US owned companies. That won't necessarily solve this kind of problem, but it would certainly make it far easier to prosecute entities who do things that threaten our national security.

    2. Re:"Counterfeit" not an issue... by Anonymous Coward · · Score: 5, Interesting

      As being someone who recently has purchased several Cisco products on Ebay lately, I can tell you that the counterfeit items are not made on the same assembly line. There are several design differences between them.I use the "Andover test" to tell if I'm purchasing authentic Cisco cards.

      If I did purchase a card or Cisco product that did pass the Andover test, then chances are that it was manufactured on the same assembly line, but then you would most likely see a report of a duplicate mac address on a "genuine" Cisco product somewhere. So yes it's a possibility, but highly unlikely IMHO.