By Declan Ingram.
Thought provoking read over at the Register: Feds seize $143M worth of bogus networking gear.
While the article is mainly about counterfeit hardware, (Cisco etc), seized in the US, (some of which was used by the US Marines in Iraq), there are two parts that got my attention:
1) The counterfeit gear could have backdoors. (Well yes – and this is not news for many…be surprised if some or most doesn’t).
2) This lovely quote: “In May of 2008, Cisco officials said they had no evidence that any of the counterfeit networking gear contained backdoors” – If these are the same officials that have missed all the other security issues to date (and in the future), then I’m not sure this statement makes me feel any better.
This reminds me of a friend of mine who years ago purchased some pirated operating systems on CD in Malaysia. They had been backdoored and once installed allowed anyone on the Internet to gain full access. I had a giggle, I must say. You really get what you pay for…..and more. (Remote Support?)
The (potential) security problems of pirated software have been well documented for some time. Most will have looked at backdoored ‘cracks’ for proprietary software etc, but bogus hardware? Backdoored from day 0? Cisco gear is generally top shelf, so more likely to get noticed, but what about lesser brands or even your generic ’sourced’ components? The flash drive from eBay? The cheap video card you got for your server so you can install the OS? Have a think about it.
Could organised crime use this to offset the cost of components? OK, that could well just be pure FUD……but..
I bet some, (most?) bogus gear comes from the same factory as the legit gear. Stands to reason. If it is backdoored, what assurance do we have that the legit gear isn’t? How would we, (or anyone else) ever know? Few know where to start in assessing the security of their supply chain.