Counterfeit networking gear: A security threat?

The website, AboveTopSecret.com, which sometimes strains credulity, published parts of an FBI presentation.

The FBI report stated that counterfeit networking gear could possibly "provide backdoor capabilities and access into compromised networks for the originators of the equipment."

In a separate posting, the FBI issued a statement attributed to James Finch, assistant director of the FBI's Cyber Division, that said "The FBI's Cyber Division provided an unclassified PowerPoint presentation and briefing on efforts to counter the production and distribution of counterfeit network hardware . . . [that] was never intended for broad distribution or posting to the internet."

According to AboveTopSecret.com, the military, the FBI, the Federal Aviation Administration, defense contractors, universities and financial institutions may have purchased a wide range of counterfeit equipment, including routers, servers, switches and wide-area-networking (WAN) interface cards.

The FBI revealed that bogus products often are shipped directly to the United States after purchase via online channels. They can arrive in this country via other countries, including Canada, Germany, the Netherlands and the United Kingdom.

The presentation indicated that subcontractors and vendors also play a role, and the government performs minimal, if any, background checks on suppliers.

Counterfeit networking equipment exposes government systems to potential failure, unauthorised access and weakening of cryptographic systems, according to the FBI presentation.

On Feb. 28, 2008, the FBI said a two-year operation called Operation Cisco Raider lead to seizures of more than 400 of counterfeit Cisco network products and labels with an estimated retail value of more than US$76 million.

See original article on scmagazineus.com

Copyright © SC Magazine, US edition

a counterfeit gear networking security threat