Slashdot Mirror


FBI Says Military Had Counterfeit Cisco Routers

There are new developments in the case of the counterfeit Cisco routers, which we have been discussing for some time. The NYTimes updates the story after an FBI PowerPoint presentation made its way onto the Web. It seems that experts at Cisco have examined some of the counterfeit routers in detail and proclaimed that they contain no back doors. Others don't believe we can be so sure. "Last month, [DARPA] began distributing chips with hidden Trojan horse circuitry to military contractors who are participating in the agency's Trusted Integrated Circuits program. The goal is to test forensic techniques for finding hidden electronic trap doors, which can be maddeningly elusive... The threat was demonstrated in April when a team of computer scientists from the University of Illinois presented a paper at a technical conference in San Francisco detailing how they had modified a Sun Microsystems SPARC microprocessor... The researchers were able to create a stealth system that would allow them to automatically log in to a computer and steal passwords."

38 of 186 comments

  1. And outsourcing.... by proudfoot · · Score: 5, Interesting

    Verification of the producer is essential here - and this is perhaps the moment where outsourcing will bite us in the ass. While you can only buy American-made Cisco routers, there is no doubt some chipsets made in it are manufactured overseas.

    1. Re:And outsourcing.... by moderatorrater · · Score: 4, Informative

      While essential, it's not the only step. Automatic tests of the router hardware, random checking, and employee control are all necessary steps if we really want our government networks to be secure.

    2. Re:And outsourcing.... by failedlogic · · Score: 4, Interesting

      I would agree on this one 100%. Outsourcing is in part responsible for this, although, we can't ever be 100% sure of goods manufactured domestically. These companies could care less about counterfeiting Cisco routers so let's say Cisco were to pull the contract. What's to stop the outsourced producer from selling these counterfeits in their own country without the Cisco name? Maybe they already are because presumably (as I understand) IP law is hard or impossible to enforce in some countries.

      As the NSA already seems to be certifying comm. gear in the military (or might even make the chips for it). Perhaps even for other departments like the FBI. I see one possibility of this that the NSA certifies routers (or makes them itself) or at least makes them in the USA. I don't work with routers nor am I familiar with their manufacturer. I guess my last point, pertaining at least to the FBI investigation, would be invalid if Cisco makes some routers in the USA except, as you indicate, for some chipsets. Though even one chipset in itself could pose a significant risk.

      I'm just surprised that the FBI is even making a "presentation" to anyone on this; regardless of whether the presentation leaked or not.

    3. Re:And outsourcing.... by UnknowingFool · · Score: 5, Interesting

      I don't know if that will be enough. I remember there was a story from the Cold War on how the CIA spied on the KGB. The KGB used Xerox copiers in their offices. I don't know if the CIA convinced Xerox to modify the copier or they modified it before the KGB received it, but the copier would record all copies to flash memory. Every so often, the CIA would have to retrieve the memory. The KGB eventually got suspicious that one machine seemed to be serviced all the time while the other one wasn't. They weighed both machines and found a tiny difference in weights. Eventually they found an extra board. That's my recollection of it. I can't seem to google for the backstory. Even if you bought 100% American parts, there is no guarantee that it wasn't tampered with during a routine repair and maintenance or tampered with in the manufacturing process.

      --
      Well, there's spam egg sausage and spam, that's not got much spam in it.
    4. Re:And outsourcing.... by Detritus · · Score: 4, Informative
      --
      Mea navis aericumbens anguillis abundat
    5. Re:And outsourcing.... by dave420 · · Score: 2, Insightful

      As you say, even domestically-produced hardware can theoretically have trojans in it, so it should be standard practice to certify everything they use, regardless of where it came from.

      The outsourcing boogeyman has nothing to do with this - relying on the "USA A-OK" school of thought as some sort of defense against malicious hardware is obviously not a good idea.

    6. Re:And outsourcing.... by Vancorps · · Score: 2, Insightful

      It's worth noting you can do everything a Cisco router can do with a Linux box. I just built a box with Zebra and a solid state hard drive along with a 4 port network card. I have some pretty good throughput with that and I would have no trouble adding additional cards for connections to OC48s and higher.

      Cisco is becoming increasingly irrelevant. They don't bring anything to the table that isn't already out there and they segment it all so it's a lot harder to manage than it needs to be.

      Anyone else notice a sharp decline in the quality of Cisco products over the last 5 years?

    7. Re:And outsourcing.... by everphilski · · Score: 2, Insightful

      but the copier would record all copies to flash memory

      Flash memory... cold war? Surely you must be joking ...

      They used a camera with a roll of film, which they then had to develop ... whippersnappers! get off my lawn!

    8. Re:And outsourcing.... by CodeBuster · · Score: 4, Interesting

      Even automatic checking and testing can be subverted by a determined adversary. For example consider the program, approved by President Reagan and beginning in 1982, whereby the CIA arranged for the Soviets, who were actively attempting to acquire western technology and hardware, to receive natural gas pipeline software and equipment that was designed to "go haywire" after a set amount of time in normal operation. When the pipeline software and hardware, which would have appeared totally normal at first even if the Soviets had bothered to test it, eventually went haywire (i.e. it ran the ultra high pressure scenario) the resulting explosion was so large that it was detected by satellites designed to monitor nuclear explosions from space. The following article from the Washington Post describes this and other programs and operations that took place during the Cold War as part of a coordinated CIA effort to slip bad technology to our enemies.

    9. Re:And outsourcing.... by Thundersnatch · · Score: 4, Insightful

      It's worth noting you can do everything a Cisco router can do with a Linux box.

      Except connect to a SONET network. Or a DS3 interface. Or aggregate multiple T1s. Or support terabit switching and routing speeds.

    10. Re:And outsourcing.... by flyingsquid · · Score: 2, Funny

      I've heard that the problem is a lot more severe than they're actually letting on. Apparently, one of the biggest problems that they're facing is counterfeit Microsoft products. Fortunately, they're pretty easy to recognize, you just have to educate your employees about how everything is supposed to be functioning, and then be vigilant in looking for anything that appears out of the ordinary, any erratic or unusual behavior whatsoever. So if you notice that your computer is running unusually fast, that you're getting a lot of work done, or that the interface is intuitive and easy to use, then you can be sure that you've been sold a counterfeit Microsoft product.

    11. Re:And outsourcing.... by Vancorps · · Score: 2, Informative

      SONET, DS3, and DSUs in any quantity can be purchased for a computer without a problem. When you get into the terabit range you still have a lot of options.

      For switching Cisco makes zero sense, HP gives you higher through-put for less money and they aren't the only ones. Let the router do the routing and the switch can do the switching.

      The only reason Layer 3 and 4 switches are becoming commonplace is because routers get more and more expensive the higher up the stack you go. There is nothing worse than using a wire-speed layer 3 switch which is undergoing a heavy load from file transfers as a central routing gateway. Especially when you get into BGP and OSPF.

      Terabit backplanes are nothing new though, easily achieved through distributed computing and for far less money.

  2. "Counterfeit" not an issue... by Em+Adespoton · · Score: 5, Interesting

    From what I understand, the counterfeit routers are made in the same factories by the same people who make the real routers; they just keep the assembly line running past the hours that Cisco is paying them for.

    In this case, if Cisco is comparing the counterfeit routers to their legit ones, they should always be the same.

    The question this doesn't answer is this: does the LEGIT Cisco equipment contain back doors? How can Cisco be sure it doesn't? Most of the components are manufactured offshore and the assembly is done offshore. Have they examined each part with an electron microscope to verify it doesn't do anything more than what the spec says it should do?

    They can't just watch for network activity; these routers might be filtering and caching data waiting for the eventual physical removal of the router in the next upgrade cycle -- or, they might all have a kill switch built in, so someone can remotely take out ALL routers. There are an infinite number of possibilities to look for, and since Cisco doesn't manufacture everything in-house, they really don't have much hope of detecting that none of the infinite possible modifications have been made.

    1. Re:"Counterfeit" not an issue... by dreamchaser · · Score: 5, Interesting

      I am generally for free trade and against protectionism, but I am leaning more and more towards the need for a law that makes it mandatory that all gear (guns, routers, computers, coffee makers, etc.) purchased by the Government for any use that is even remotely sensitive be made in the US by US owned companies. That won't necessarily solve this kind of problem, but it would certainly make it far easier to prosecute entities who do things that threaten our national security.

    2. Re:"Counterfeit" not an issue... by Anonymous Coward · · Score: 5, Interesting

      As being someone who recently has purchased several Cisco products on eBay lately, I can tell you that the counterfeit items are not made on the same assembly line. There are several design differences between them. I use the "Andover test" to tell if I'm purchasing authentic Cisco cards.

      If I did purchase a card or Cisco product that did pass the Andover test, then chances are that it was manufactured on the same assembly line, but then you would most likely see a report of a duplicate mac address on a "genuine" Cisco product somewhere. So yes it's a possibility, but highly unlikely IMHO.
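An added example (not part of the original comment, and not any vendor's tooling) of the duplicate-MAC check the post above alludes to: it normalizes the MAC notations found in an inventory export and flags any MAC reported under more than one serial number, and any serial reported with more than one MAC. The CSV layout and every sample value are constructed, and one base MAC per chassis is assumed.

```python
import csv
import io
import re
from collections import defaultdict

# Constructed sample export: site, hostname, chassis serial, base MAC.
# All values are made up; the MACs deliberately mix common notations.
SAMPLE_INVENTORY = """\
site,hostname,serial,mac
hq,rtr-hq-01,SERIAL-A001,0011.2233.4455
hq,rtr-hq-02,SERIAL-A002,00:11:22:33:44:66
branch,rtr-br-01,SERIAL-B001,00-11-22-33-44-55
branch,rtr-br-02,SERIAL-B002,001122334477
lab,rtr-lab-01,SERIAL-A002,00:11:22:33:44:88
lab,rtr-lab-02,SERIAL-C001,not-a-mac
"""

_HEX12 = re.compile(r"^[0-9a-f]{12}$")


def normalize_mac(raw):
    """Return the MAC as 12 lowercase hex digits, or None if malformed.

    Accepts dotted (aabb.ccdd.eeff), colon, hyphen and bare notations.
    """
    compact = re.sub(r"[.:\-\s]", "", raw.strip().lower())
    return compact if _HEX12.match(compact) else None


def load_inventory(text):
    """Parse the CSV text and return (records, rejected_rows)."""
    records, rejected = [], []
    for row in csv.DictReader(io.StringIO(text)):
        mac = normalize_mac(row["mac"])
        if mac is None:
            # Keep unparseable rows for manual review instead of dropping them.
            rejected.append(row)
            continue
        records.append({**row, "mac": mac})
    return records, rejected


def find_conflicts(records):
    """Return (dup_macs, dup_serials).

    dup_macs:    MAC    -> sorted [(serial, hostname)] when >1 distinct serial
    dup_serials: serial -> sorted [(mac, hostname)]    when >1 distinct MAC
    A device that is simply listed twice (same serial, same MAC) is not flagged.
    """
    by_mac, by_serial = defaultdict(set), defaultdict(set)
    for r in records:
        by_mac[r["mac"]].add((r["serial"], r["hostname"]))
        by_serial[r["serial"]].add((r["mac"], r["hostname"]))
    dup_macs = {m: sorted(v) for m, v in by_mac.items()
                if len({serial for serial, _ in v}) > 1}
    dup_serials = {s: sorted(v) for s, v in by_serial.items()
                   if len({mac for mac, _ in v}) > 1}
    return dup_macs, dup_serials


if __name__ == "__main__":
    recs, bad = load_inventory(SAMPLE_INVENTORY)
    macs, serials = find_conflicts(recs)
    for mac, owners in macs.items():
        print(f"MAC {mac} reported by multiple serials: {owners}")
    for serial, seen in serials.items():
        print(f"Serial {serial} reported with multiple MACs: {seen}")
    for row in bad:
        print(f"Unparseable MAC on {row['hostname']}: {row['mac']!r}")
```

A hit is a reason to pull the unit for physical inspection, not proof of a counterfeit: a mistyped inventory entry produces the same signal.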

    3. Re:"Counterfeit" not an issue... by Frosty+Piss · · Score: 4, Informative

      From what I understand, the counterfeit routers are made in the same factories by the same people who make the real routers; they just keep the assembly line running past the hours that Cisco is paying them for.
      I keep hearing this. But look at the images of the hardware side by side ... Is it the same? No it's not. Clearly these two boards are not from the same manufacturing line.
      --
      If you want news from today, you have to come back tomorrow.
  3. Not a big surprise. by Smenj · · Score: 5, Informative

    I work for a company that sells used electronics on eBay. We'll occasionally buy cheap gear over eBay too, then resell it at a profit. For many months now we've had a huge problem with counterfeit Cisco cards. It's amazing how detailed the counterfeiters are. My boss wrote up a detailed guide on how to spot fakes. Google "counterfeit cisco wic".

  4. Question is... by Anonymous Coward · · Score: 2, Interesting

    ... of the DARPA-hacked routers were any of the 'cisco experts' able to determine tampering?

    That seems like a logical test, so I have to wonder if they have done it already... or not?

    If they contain no backdoors, *THAT WE CAN FIND*, do we continue using them?

  5. Re:We've always been at war with Eurasia by Ethanol-fueled · · Score: 2, Interesting

    I merely skimmed one article which said that Cisco examined the routers and found no backdoors. The Ministry of Peace is probably just trying to test the sneakiness of their own snooping electronics in the name of "national security". The trojans which are found are omitted and the ones which aren't found make it to the production runs. Oh, and before all of this happens, they have the Ministry of Truth spread FUD about Eastasia doing it "first", even though Cisco checked the counterfeit routers and found nothing suspicious. To paraphrase what another slashdotter said a little while ago, "...the government is using 1984 as an instruction manual." They even got Emmanuel Goldstein right: instead of making him advocate freedom, they chose a more unlikeable character (and will choose others like him): Osama Bin Laden.

  6. Re:This is what we get by gregarican · · Score: 2, Interesting

    More like any company that outsources and doesn't perform internal quality control of what they are reselling should be made criminal in this instance of reselling to governmental agencies. Buy a Cisco, throw it in a private LAN sandbox, fire up Wireshark. Rinse, lather, repeat. Yawn...

  7. "Partnership" by CustomDesigned · · Score: 3, Interesting

    Anne McCaffrey wrote a book called PartnerShip with a plot very similar to this situation. The villain provides chips to the Galaxy, including the military. When nearly everyone has upgraded, it turns out that he can remotely control every device, including military hardware, controlled by the chips. That's enough of a spoiler. How can such a grand and well planned scheme be defeated? You'll have to read to find out...

  8. Fear Fear Fear by Anonymous Coward · · Score: 4, Insightful

    Be afraid. Be very afraid. Vote for those that seek to protect you.

    This seems like a scare tactic to "warn" people about the dangers of fake hardware/software. Expect a big push around these types of "stories" as more bills like PRO-IP go through Congress and as the creation of the IP & Copyright Czar in the White House gets a big push.

    It's a concern but seems to point more to incompetence rather than some difficult-to-spot threat. Why are government agencies not buying directly from Cisco? Seems they should have some sort of corporate connection.

    "We must protect our precious bodily fluids."

    1. Re:Fear Fear Fear by ahabswhale · · Score: 3, Insightful

      1) This has nothing to do with IP rights.

      2) It's a concern when you consider the potential effects of this kind of infiltration. Buying directly from Cisco, in no way, protects you from this problem. The hardware is still made overseas in some factory by a bunch of people who may not like the US very much (which is true of 99% of the planet right now).

      Apparently you lack the imagination to see how ugly this can get. Fortunately DARPA isn't run by you.

      --
      Are agnostics skeptical of unicorns too?
    2. Re:Fear Fear Fear by _Sprocket_ · · Score: 2, Interesting

      I wouldn't be so quick to dismiss the IP rights issue. Counterfeiting is all about IP rights. The law doesn't differentiate between you producing knock-off fashion items, work-alike network gear, or burning copies of a music album or movie. Expect these kinds of stories to show up more as pushes are made to put more teeth behind these laws. The same laws that most benefit hot-button topics for the Media industries.

      Having said that - I would agree that counterfeit gear is a real issue with real potential impact.

  9. /Light Bulb Flashes Overhead by gregarican · · Score: 4, Funny

    So that's why my crappy Linksys wifi access points have to be rebooted every week or so. Damn commies!!!

  10. You reap what you sow by MarkGriz · · Score: 3, Interesting
    --
    Beauty is in the eye of the beerholder.
  11. Selling out the back door by sjbe · · Score: 5, Informative

    the counterfeit routers are made in the same factories by the same people who make the real routers; they just keep the assembly line running past the hours that Cisco is paying them for.

    That happens ALL the time. I've visited manufacturing plants in China and I've seen it happen with my own eyes. Selling out the back door is not surprising at all. In fact this is why I'm less worried than I might otherwise be about the gear having back doors or being otherwise compromised. Simplest explanation is just theft in one form or another.

    does the LEGIT Cisco equipment contain back doors?

    Very good question. Got to be worrisome to the US military and security agencies. Much/most off the shelf hardware is made outside the US where it wouldn't be much of a stretch to imagine backdoors have been added by foreign governments. Same worries that other governments have about US made/designed software and hardware. And of course if you really want to get tin-foil-hat about it one has to wonder if our own government has had back doors installed. Very unlikely to be sure, but clearly possible.

    That said, it's pretty low on the list of likely threats. Pretty hard to know exactly what gear will be placed where and what it will give you access to. Plus even with a back door, places with sensitive data are more likely to be monitoring the traffic which is harder to hide.
  12. Technical details of malicious hardware by Sam+King · · Score: 5, Informative

    For those of you who are interested, you can find more technical details of how we designed and implemented malicious hardware from here

    -- computer scientists from University of Illinois

  13. it is important to carefully inspect new gear. by atarione · · Score: 4, Funny

    if your new rack mount routers and switches say "crisco" on the front you may have a problem.

    --
    actually I am happy to see you, however that is in fact a banana in my pocket.
  14. Re:free software distributes the effort. by gartogg · · Score: 4, Insightful

    Items with high capital costs don't work well as "open source;" basically, the manufacturing plants cost so many billions of dollars that no one who isn't doing proprietary work could afford it. Even if you could open source chip design (a dicey proposition, since there are many fewer EE PhDs that want to donate time than there are CS PhDs,) there are still difficulties with the actual manufacturing, and we would still need to guarantee the physical chips, which are individual, and cannot be "re-compiled;" if you think there may be an issue with a batch, you can't start over without paying for new chips.

    Maybe, however, I am missing something about the procedure you are proposing; what parts would be open source?

    --
    I'm a conscientious .sig objector.
  15. How many back doors? Who has the keys? by natoochtoniket · · Score: 3, Interesting

    The question is not whether Cisco routers have back doors. That has to be assumed. If I was running NSA over the last several decades, I would have my people deep inside every communication equipment manufacturer. The manufacturers' management might not even know about it.

    The NSA surely has arranged to have one or more back doors designed into virtually every kind of communications switch. The only Cisco employees who would know about them would be the NSA people who work inside Cisco, and some regular Cisco employees who have been cleared. If this has not been done, the NSA senior managers should be fired or jailed.

    The real questions are: How many back doors are there? and who has the keys? The (assumed) NSA back door might not be the only one. There is a possibility that the Chinese or Indian chip-fab or software contractors have also installed back doors for their own governments.

    With billion-gate machines, a few thousand extra gates would be hard to see. If the extra logic looks like instruction-cache, but just has a little extra code, it would be almost impossible.

  16. Re:Non free software and offshoring are evil. by Dishevel · · Score: 2, Interesting

    Let's see. A non free society that can barely feed its people now. That has a huge number of people that is now coming into the industrial age and is going to NEED all the energy it can get its hands on very soon is an enemy to be to all who are near.

    --
    Why is it so hard to only have politicians for a few years, then have them go away?
  17. Re:An Evil Competitor. by smittyoneeach · · Score: 2, Insightful

    two groups of brutal tyrants
    I find a considerable amount of what RMS has to say at least thoughtful and challenging, except on political topics.
    --
    Get thee glass eyes, and, like a scurvy politician, seem to see things thou dost not.--King Lear
  18. Re:An Evil Competitor. by Free+the+Cowards · · Score: 2, Informative

    The military is now authorized to act against US Citizens in "an emergency".

    I think that 1807 is a little too far in the past to call "now".
    --
    If you mod me Overrated, you are admitting that you have no penis.
  19. Re:Brutal US Actions. by smittyoneeach · · Score: 2
    Emphasis mine:

    an irreparable infrastructure and horrific civil war. If that's not bad enough for you
    Is the goal here to trade examples of hyperbole, or to engage in a thorough critical analysis of some arguably crappy policy decisions and tragedies that resulted therefrom?
    I had subscribed to RMS's political RSS feed for a while, but the continuous stream of unhelpful thought along the lines of your quoted fragment became too much.
    Clinton, Bush, et al. are just flexing the http://en.wikipedia.org/wiki/War_Powers_Act. If you want my attention, tell me how we're going to restore the separation of powers written within the United States Constitution, and require a President to get a proper declaration of war before gallivanting. Short of that, what are you doing but setting yourself up for More Of Same, sir?
    --
    Get thee glass eyes, and, like a scurvy politician, seem to see things thou dost not.--King Lear
  20. Re:An Evil Competitor. by dedazo · · Score: 2, Informative

    Everything you own can be confiscated for suspicion of "making available" crappy RIAA music that can be found on any radio station. Your email, web browsing, phone conversations and church can all be monitored without a warrant [etc]

    You know twitter, my dad and his brothers lived through Argentina's "Dirty War". I didn't really understand what they went through until I was a little older and he asked me to play (and pay attention to) one of his old LP records. It's amazing how a simple song will open our eyes to things you can't grasp when they are explained in other ways. If you ever have a chance to listen to "Yo Te Nombro" (would translate roughly to "I Say Your Name") by Nacha Guevara, do take the opportunity to do so. It's a powerful statement of all the things you lose (the most important of which is your own humanity) in an environment of total and complete repression.

    I doubt you will ever stop humping the "I hate M$" horse, but maybe what you need is to have some sense of measure when you talk about what a horrible place the US has become now that the RIAA can search your computer, just so you can make a point about your racially-charged dislike of China, which I assume is no different from the one you've displayed in the past towards India and other countries.

    --
    Web2.0: I love when people Flickr my cuil and digg my boingboing until my google is reddit and I start to yahoo
  21. Re:free software distributes the effort. by CrazedWalrus · · Score: 2, Interesting

    This is all coming down to the fact that we need to assume NO network is secure; that we may be subject to man-in-the-middle attacks even within our own networks.

    The solution is not to verify every chip, because that's probably impossible. Somebody's going to sneak something in somewhere. The solution is to make all data that travels through the chip unintelligible -- e.g. point-to-point encryption for *all* connections.

    Once you encrypt all communications, the biggest security concern becomes the endpoints, not the myriad of things in between.

  22. Re:An Evil Competitor. by drinkypoo · · Score: 2, Insightful

    If you think the US a tyranny, then I wish you could go live in an actual tyranny, briefly, for comparison.

    arbitrary or unrestrained exercise of power; despotic abuse of authority. - check! It's just in other countries.

    the government or rule of a tyrant or absolute ruler. - check! The executive branch has been heading towards full dictatorial powers and can now "legally" seize them in case of an emergency, in so many words.

    oppressive or unjustly severe government on the part of any ruler. - check! In my opinion just the laws against victimless crime are sufficient to qualify. One percent of our population is in prison. And while we ostensibly do not permit cruel or unusual punishment, not only do we kill people for crimes (as if it solved anything) but we do it in horribly inhumane ways; while hanging has gone out of vogue (breaking or at least damaging someone's neck and strangling them by their own weight, which can take minutes) we still electrocute people (causing their body to dance, shake, twitch, and convulse for some time) or use a gas chamber (in which you have ample time to think about your impending death.) At least the lethal injection is relatively "humane" (as if putting someone to death unnecessarily after our social system has by definition failed them could ever be termed as such.)

    undue severity or harshness. - The system is full of it! Shit, you can potentially get sent to jail for years for copying a DVD for personal use! This government is completely out of control and just because it's worse in other places doesn't mean it's not bad here. Your standards are just so low that you're willing to put up with a government which repudiates everything this nation ostensibly stands for and deliberately causes pain and suffering in the name of profit.

    --
    "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"