How the NSA Compromises Hardware

From Ars Technica:
A document included in the trove of National Security Agency files released with Glenn Greenwald’s book No Place to Hide details how the agency’s Tailored Access Operations (TAO) unit and other NSA employees intercept servers, routers, and other network gear being shipped to organizations targeted for surveillance and install covert implant firmware onto them before they’re delivered.
These Trojan horse systems were described by an NSA manager as being “some of the most productive operations in TAO because they pre-position access points into hard target networks around the world.”
The document, a June 2010 internal newsletter article by the chief of the NSA’s Access and Target Development department (S3261) includes photos . . . of NSA employees opening the shipping box for a Cisco router and installing beacon firmware with a “load station” designed specifically for the task.
Today, the CEO of Cisco has written a letter to President Obama against these sleazy practices, which make everyone less safe.  From the CBC:
Cisco Systems Inc's chief executive officer has written a letter to U.S. President Barack Obama urging him to curtail government surveillance after evidence circulated showing the U.S. National Security Agency had intercepted Cisco equipment, a company spokesman said on Sunday.​
In a letter dated May 15, John Chambers, chief executive officer and chairman of the networking equipment giant, warned of an erosion of confidence in the U.S. technology industry and called for new "standards of conduct" in how the NSA conducts its surveillance.

1 comment: