Tuesday, May 13, 2008

FBI fears Chinese have back doors into US government networks

FBI is investigating security leaks that could help Chinese government or Chinese hackers (or both) to benefit of undetectable back-doors into highly secure government and military computer networks for months, perhaps years. The cause: a high-number of counterfeit Cisco routers and switches installed in nearly all government networks that experienced upgrades and/or new units within the past 18 months.

US government has been attempting to avoid security issues by using only higher-end Cisco partners/suppliers for the gear. Cisco have 80% of the market share on networking solutions and 1 of 10 Cisco products are fake. These products are sold on the black market ans can end-up in sensitive networks. However, the highly-competitive lowest-bid environment of government procurement has inspired several vendors to look for cheap alternatives for hardware... resulting in a catastrophic meltdown of security.

There is an unclassified FBI presentation that has been released discusses the fear that China is intentionally having counterfeit Cisco hardware sold in the United States. In the presentation, the FBI discusses four cases that they had investigated where this hardware has been discovered even in classified networks.

The more serious statements made in this presentation are on slide 30, where they claim about 10% of the information technology hardware that is sold globally is counterfeit and it is being sold through legitimate channels (KPMG is the cited source) for the past couple of years. In the case of Cisco, this counterfeit hardware is sold through their Cisco Gold and Silver Partners program. Other vendor vetting processes are just as flawed allowing this hardware to enter into your IT infrastructure.

This photo from the FBI presentation shows the differences between a original Cisco Router and a fake one:

FBI is concerned about critical infrastructure damage and the potential of access to secure government systems. Many online IT circles have been speculating that the counterfeit hardware will provide backdoor capabilities and access into compromised networks for the originators of the equipment. In fact, some areas of speculation regarding the counterfeit Cisco equipment has focused on the possibility that the hardware is being manufactured expressly to deploy exploitable systems far and wide into the wild. The rationale being that the likely "wholesale" price of the counterfeit routers and switches are so low and profit margins likely very thin, that the only real advantage may be gained from downstream system exploits in the future.

US Government should buy only from mainland assembly plants (in the US, preferably monitored) and cutting out any suspicious links in the chain.

Another issue of security that Richard Marcinko was complaining about back in the 90's that nobody took seriously. He has said that the chinese have been getting their hands on our top secret electronic hardware for years. He even says that we've been secretly giving the equipment to them in exchange for political leverage and a lot of other things. He says that china has an extensive spying scheme and network in the US. and that it's very compartmentalized.

System boards are made in China. The BIOS chip on these boards are made there so is easy to have the OS open up a network connection when triggered, thinking it is supposed to because the BIOS claims it has this port open for this card.

This is not the first time when a government authority finds major backdoors.

The German Counter Intelligence found years ago that Internet hackers started to point out several build-in software backdoors for the NSA and other agencies in their Bundeswehr Windows systems and could affect the German economy. (Articles on Wired.com, DebianHelp)

They developed their own proprietary Operating Systems, based mainly on LINUX software rules, and forced all sensitive German government and army offices to change to those OS's, and got rid of all Microsoft infected software.

These facts reminds me the scandal of the American embassy in Moscow in 1987, when the US diplomats refused to move to the new embassy because of rumors that the embassy was filled with soviet surveillance equipment during its construction. I've heard that Clinton received the full schemes of the surveillance system after the fall of URSS. (Another article on NYTimes)

Source AboveTopSecret, News.com
The FBI Presentation

0 comentarii: