May

10

FBI Worried as DoD Sold Counterfeit Networking Gear

Filed Under General | Posted By Jennifer Sullivan |

If you're new here, you may want to subscribe to my RSS feed. Thanks for visiting!

fbi_logo.JPGThe U.S. Federal Bureau of Investigation is taking the matter of fake Cisco equipment very seriously, in accordance with a leaked FBI arrangement that highlights problems in the Cisco supply chain.

The presentation presents an impression of the FBI Cyber Division’s attempt to crack down on counterfeit network hardware, the FBI stated Friday in a statement. “It was by no means planned for broad sharing across the Internet.

In late February the FBI broke up a counterfeit distribution network, seizing a predictable US$3.5 million worth of components manufactured in China. This two-year FBI attempt, called Operation Cisco Raider, involved 15 investigations run out of nine FBI field offices.

According to the FBI presentation, the false Cisco routers, switches and cards were sold to the U.S. Navy, the U.S. Marine Corps., the U.S. Air Force, the U.S. Federal Aviation Administration, and even the FBI itself.

One slide refers to the problem as a “critical infrastructure hazard.”

The U.S. Department of Defense is taking the issue seriously. Since 2007, the Defense Advanced Research Projects Agency has funded a program named Trust in IC that performs research in this area.

Last month, researcher Samuel King demonstrated how it was possible to change a computer chip to provide attackers virtually untraceable back-door access to a computer system.

King, an assistant professor in the University of Illinois at Urbana-Champaign’s computer science department, has disputed that by tampering with equipment, spies could open up a back door to sensitive military systems.

In an interview on Friday, he told the slides show that this is visibly something that has the FBI concerned.

The Department of Defense is also worried. In 2005 its Science Board cited concerns over just such an attack in a report.

Cisco considers the counterfeiting is being prepared to make money. The company investigates and tests counterfeit equipment it finds and has never found a “back door” in any counterfeit hardware or software, stated spokesman John Noh. “Cisco is working with law enforcement.

The company monitors its channel associates and will take action, as well as termination of a contract, if it discovers a partner selling counterfeit equipment, he stated. “Cisco Brand Protection coordinates and collaborates with our sales organizations, along with government sales, across the world, and it’s a very tight integration.”

The best method for channel partners and consumers to keep away from counterfeit goods is to purchase only from authorized channel partners and distributors, Noh stated. They have the right to demand written proof that a seller is authorized.

However, the FBI doesn’t seem pleased with this advice. According to the presentation, Cisco’s gold and silver partners have purchased counterfeit equipment and sold it to the government and defense contractors.

Security researcher King believes that the government is more affluent focusing on detection rather than trying to protect the IT supply chain, since there are strong economic incentives to keep it open and flexible– even if this means there may be security troubles. “There are so many good reasons for this worldwide supply chain; I just suppose there’s no way we can protect it.”



Tags: ,




Leave a Trackback

AddThis Social Bookmark Button


Comments

Leave a Reply