Snowden: The NSA planted backdoors in Cisco products

'No Place to Hide,' the new book by Glenn Greenwald, says the NSA eavesdrops on 20 billion communications a day -- and planted bugs in Cisco equipment headed overseas

If you worked in IT sales, can you image how difficult your life would be if your foreign customers assumed that the hardware you sold them had backdoors to let the U.S. government spy on them at will?

That's not a hypothetical question.

[ Learn how to protect your systems with Roger Grimes' Security Adviser blog and Security Central newsletter, both from InfoWorld. ]

Incredible as it seems, routers built for export by Cisco (and probably other companies) are routinely intercepted without Cisco's knowledge by the National Security Agency and equipped with hidden surveillance tools. We know this because it's one of the new details of the spy agency's vast data gathering programs revealed in "No Place to Hide," a just-published book by Glenn Greenwald. Greenwald, of course, is the journalist who broke the story of Edward Snowden, the one-time NSA employee who has leaked thousands of secret documents.

We learn that the scale of the NSA's data gathering operations was much, much larger than we could have imagined: "As of mid-2012, the agency was processing more than twenty billion communications events (both Internet and telephone) from around the world each day," Greenwald writes.  

Greenwald reveals that a program called X-KEYSCORE allows "real-time" monitoring of a person's online activities, enabling the NSA to observe emails and browsing activities as they happen, down to the keystroke. The searches enabled by the program are so specific that any NSA analyst is able not only to find out which websites a person has visited, but also to assemble a comprehensive list of all visits to a particular website from specific computers.

You would think that an analyst wanting to monitor someone's online activities so closely would need, at the very least, authorization from a high-level agency executive. Not so. All the analyst needs to do is fill out an online form "justifying" the surveillance and the system returns the information requested.

What about a warrant? Don't be naïve.

How the NSA bugged Cisco's routers

Much has been made of industrial espionage by China, and the U.S. government has repeatedly warned businesses not to trust technologies purchased from that country. Maybe the Chinese and other governments are the ones that should be issuing warnings.

"The NSA routinely receives -- or intercepts -- routers, servers, and other computer network devices being exported from the U.S. before they are delivered to the international customers," Greenwald writes. "The agency then implants backdoor surveillance tools, repackages the devices with a factory seal, and sends them on. The NSA thus gains access to entire networks and all their users."

Routers, switches, and servers made by Cisco are booby-trapped with surveillance equipment that intercepts traffic handled by those devices and copies it to the NSA's network, the book states. Greenwald notes that there is no evidence that Cisco or other companies were aware of the program.

"We've stated previously that Cisco does not work with any government to weaken our products for exploitation," a Cisco spokesman told the Wall Street Journal. "We would, of course, be deeply concerned with anything that could damage the integrity of our products or our customers' networks."

Apart from any concerns you might have about privacy, this kind of publicity is very bad for U.S. business. Why would you buy a product that handles sensitive corporate or government data if you thought the device was bugged?

1 2 Page 1
Page 1 of 2