Your Source for Leaks Around the World!

Cisco Using Dead Drops for Sensitive Customers to Avoid NSA Interdiction

In Archive, Cisco, Hacking, NSA, Surveillance, TAO on March 22, 2015 at 6:12 PM

03/18/2015

Jeremy Kirk/PCWorld/Darren Pauli/TheRegister:

One of the most successful U.S. National Security Agency spying programs involved intercepting IT equipment en route to customers and modifying it.

At secret workshops, backdoor surveillance tools were inserted into routers, servers and networking equipment before the equipment was repackaged and sent to customers outside the U.S.

The program, run by the NSA’s Tailored Access Operations (TAO) group, was revealed by documents leaked by former NSA contractor Edward Snowden and reported by Der Spiegel and Glenn Greenwald.

One of the leaked Snowden documents, dated June 2010, has two photos of an NSA interdiction operation, with a box that said Cisco on the side.

The document, labeled top secret, goes on to say that supply-chain interdiction operations “are some of the most productive operations in TAO, because they pre-position access points into hard target networks around the world.”

During a panel session at the Cisco Live conference in Melbourne last week, Cisco’s chief security and trust officer John Stewart disclosed that the company had started shipping equipment to alternative addresses with fake information for its most sensitive customers.

“We ship [boxes] to an address that has nothing to do with the customer, and then you have no idea who ultimately it is going to,” Stewart said. “When customers are truly worried … it causes other issues to make [interception] more difficult in that [agencies] don’t quite know where that router is going so it’s very hard to target – you’d have to target all of them.”

In theory, that makes it harder for the NSA to target an individual company and scoop up their package. But supply chains are tough to secure, Stewart said, and once a piece of equipment is handed from Cisco to DHL or FedEx, it’s gone.

“If a truly dedicated team is coming after you, and they’re coming after you for a very long period of time, then the probability of them succeeding at least once does go up,” Stewart said. “And it’s because they’ve got patience, they’ve got capacity and more often than not, they’ve got capability.”

Stewart said some customers had also begun driving up to distributors to pick up their hardware at the door.

Stewart was asked if Cisco ever identified any strange hardware put inside any of its products. “No, we couldn’t, because the only people who would know that for sure is the NSA,” Stewart responded.

In May 2014, Cisco CEO John Chambers sent a letter (PDF) to President Barack Obama, arguing that the NSA’s alleged actions undermine trust with its customers and more broadly hurt the U.S. technology industry. Cisco also asserted that it does not work with any government to intentionally weaken its products.
