|
|
F.B.I. Says the Military Had Bogus Computer Gear John Markoff / NY Times | May 9, 2008 SAN FRANCISCO — Counterfeit products are a routine threat for the electronics industry. However, the more sinister specter of an electronic Trojan horse, lurking in the circuitry of a computer or a network router and allowing attackers clandestine access or control, was raised again recently by the F.B.I. and the Pentagon. The new law enforcement and national security concerns were prompted by Operation Cisco Raider, which has led to 15 criminal cases involving counterfeit products bought in part by military agencies, military contractors and electric power companies in the United States. Over the two-year operation, 36 search warrants have been executed, resulting in the discovery of 3,500 counterfeit Cisco network components with an estimated retail value of more than $3.5 million, the F.B.I. said in a statement. The F.B.I. is still not certain whether the ring’s actions were for profit or part of a state-sponsored intelligence effort. The potential threat, according to the F.B.I. agents who gave a briefing at the Office of Management and Budget on Jan. 11, includes the remote jamming of supposedly secure computer networks and gaining access to supposedly highly secure systems. Contents of the briefing were contained in a PowerPoint presentation leaked to a Web site, Above Top Secret. A Cisco spokesman said that the company had investigated the counterfeit gear seized by law enforcement agencies and had not found any secret back door. (Article continues below)
“We did not find any evidence of re-engineering in the manner that was described in the F.B.I. presentation,” said John Noh, a Cisco spokesman. He added that the company believed the counterfeiters were interested in copying high volume products to make a quick profit. “We know what these counterfeiters are about.” An F.B.I. spokeswoman, Catherine L. Milhoan, said the agency was not suggesting that the Chinese government was involved in the counterfeiting ring. “We worked very closely with the Chinese government,” she said. Arrests have been made in China as part of the investigation, she said. “The existence of this document shows that the cyber division of the F.B.I. has growing concerns about the production and distribution of counterfeit network hardware.” Despite Cisco’s reassurance, a number of industry executives and technologists said that the threat of secretly added circuitry intended to subvert computer and network gear is real. “There are enormous vulnerabilities in our defense and national security infrastructure,” said Peter Levin, a former Clinton administration official who is chief executive of DAFCA, a Framingham, Mass., company that designs systems to prevent malicious tampering with computer chips. “We outsource the manufacturing of computer integrated circuits to places that can manufacture these devices cheaply.” Last month, the Pentagon’s Defense Advanced Research Projects Agency began distributing chips with hidden Trojan horse circuitry to military contractors who are participating in the agency’s Trusted Integrated Circuits program. The goal is to test forensic techniques for finding hidden electronic trap doors, which can be maddeningly elusive. The agency is not yet ready to announce the results of the test, according to Jan Walker, a spokeswoman for the agency. The threat was demonstrated in April when a team of computer scientists from the University of Illinois presented a paper at a technical conference in San Francisco detailing how they had modified a Sun Microsystems SPARC microprocessor by altering the data file on a chip with nearly 1.8 million circuits used in automated manufacturing equipment. CLICK ON THE BANNER TO BUY TERRORSTORM IN |
|
||||||||
