http://www.nytimes.com/2008/05/09/technology/09cisco.html By JOHN MARKOFF The New York Times May 9, 2008 SAN FRANCISCO — Counterfeit products are a routine threat for the electronics industry. However, the more sinister specter of an electronic Trojan horse, lurking in the circuitry of a computer or a network router and allowing attackers clandestine access or control, was raised again recently by the F.B.I. and the Pentagon. The new law enforcement and national security concerns were prompted by Operation Cisco Raider, which has led to 15 criminal cases involving counterfeit products bought in part by military agencies, military contractors and electric power companies in the United States. Over the two-year operation, 36 search warrants have been executed, resulting in the discovery of 3,500 counterfeit Cisco network components with an estimated retail value of more than $3.5 million, the F.B.I. said in a statement. The F.B.I. is still not certain whether the ring’s actions were for profit or part of a state-sponsored intelligence effort. The potential threat, according to the F.B.I. agents who gave a briefing at the Office of Management and Budget on Jan. 11, includes the remote jamming of supposedly secure computer networks and gaining access to supposedly highly secure systems. Contents of the briefing were contained in a PowerPoint presentation leaked to a Web site, Above Top Secret. A Cisco spokesman said that the company had investigated the counterfeit gear seized by law enforcement agencies and had not found any secret back door. “We did not find any evidence of re-engineering in the manner that was described in the F.B.I. presentation,” said John Noh, a Cisco spokesman. He added that the company believed the counterfeiters were interested in copying high volume products to make a quick profit. “We know what these counterfeiters are about.” An F.B.I. spokeswoman, Catherine L. Milhoan, said the agency was not suggesting that the Chinese government was involved in the counterfeiting ring. “We worked very closely with the Chinese government,” she said. Arrests have been made in China as part of the investigation, she said. “The existence of this document shows that the cyber division of the F.B.I. has growing concerns about the production and distribution of counterfeit network hardware.” Despite Cisco’s reassurance, a number of industry executives and technologists said that the threat of secretly added circuitry intended to subvert computer and network gear is real. [...] _______________________________________________ Attend Black Hat USA, August 2-7 in Las Vegas, the world's premier technical event for ICT security experts. Featuring 40 hands-on training courses and 80 Briefings presentations with lots of new content and new tools. Network with 4,000 delegates from 50 nations. Visit product displays by 30 top sponsors in a relaxed setting. http://www.blackhat.com
This archive was generated by hypermail 2.1.3 : Fri May 09 2008 - 06:10:20 PDT