NSA backdoors my open networks to new threats, report says
U.S. spy agency intercepts devices and installs software that gives them access, new book says
IDG News Service - Allegations that the NSA installed surveillance tools in U.S.-made network equipment, if true, could mean enterprises have more to worry about than just government spying.
While the U.S. government warned router buyers that the Chinese government might spy on them through networking gear made in China, the U.S. National Security Agency was doing that very thing, according to a report in the Guardian newspaper Monday.
The NSA physically intercepted routers, servers and other network equipment and installed surveillance tools before slapping on a factory seal and sending the products on to their destinations, according to the report, which is extracted from an upcoming book by Glenn Greenwald, a journalist who last year helped expose sensitive documents uncovered by former NSA contractor Edward Snowden.
With the tools it installs, the NSA can gain access to entire internal networks, the story said. For example, in a report on its use of the technology, the NSA said an embedded beacon was able to call back to the agency and "provided us access to further exploit the device and survey the network," Greenwald wrote.
The new charge vastly expands the scope of alleged NSA spying beyond the interception of traffic across the Internet, said Ranga Krishnan, a technology fellow at the Electronic Frontier Foundation. As an example, he pointed to reports from the Snowden documents that the NSA had tapped into Google's own fiber network among its data centers, where the company hadn't encrypted the traffic at all.
"That's how most organizations function," Krishnan said. "So once you're within the company's router, you have access to all that data that's unencrypted."
In addition, any security hole that a government installs could open up the network to attacks by others, he added.
"If you have made something vulnerable ... somebody else could discover that and very well use it," Krishnan said.
The House Intelligence Committee and other arms of the U.S. government have warned for years that networking equipment from vendors in China, namely Huawei Technologies and ZTE, poses a threat to U.S. service providers because of possible links between those companies and the Chinese government.
Specifically, critics have raised alarms that the government could install backdoor surveillance tools in the gear they sell, giving Chinese spies access to communications in the U.S. Those warnings reportedly have held back Huawei and ZTE's sales in the U.S. The companies have said their equipment is safe.
When Greenwald revealed Snowden's alleged evidence of NSA spying, it turned the tables on the U.S., with network buyers in some countries avoiding U.S.-made gear. Cisco Systems, the world's biggest seller of networks, has said worries about the NSA affected its business in China.
With allegations now flying about networking gear made both in China and the U.S., EFF's Krishnan recommended buyers seek convincing evidence from any potential supplier that their gear is in fact secure.
- Deep Security +VMware vSphere with Operations Management Most midsize organizations are highly virtualized on VMware, and while this has produced significant savings, it also has created new challenges when it...
- 3 Questions to Ask Your DNS Host about Lowering DDoS Risks Neustar has had wide-ranging conversations with clients wanting to know how they can optimize protection as DDoS attacks increase in frequency and size.
- The Danger Deepens: 2014 Neustar Annual DDoS Attacks and Impact Report This report compares DDoS findings from 2013 to 2012, based on a survey of 440 North American companies, including 139 businesses delivering technology...
- DDoS Infographic: How Are Attacks Evolving? For the third consecutive year, Neustar surveyed businesses across major industries to track the evolution of DDoS attacks. Are they more frequent? Larger?...
- How to Use Crowd-Sourced Threat Intelligence to Stop Malware in its Tracks Threat sharing networks have been around for a long time, however they have typically been "invitation-only", available to only large companies, or those...
- An Incident Response Playbook: From Monitoring to Operations As cyber-attacks grow more sophisticated, many organizations are investing more into incident detection and response capabilities. In this webcast, learn how to develop... All Malware and Vulnerabilities White Papers | Webcasts