How Cisco customers avoid NSA tampering
While the NSA certainly has the technical chops to eavesdrop, monitor, and intercept all types of electronic communications, they’re also not afraid to employ more straightforward and simpler spycraft methods when it comes to keeping an eye on enemies of the state.
Don’t Miss: Microsoft’s new scheme could become Google’s worst Android nightmare
Just a few months ago, documents originally leaked by Edward Snowden revealed that members of the NSA’s Tailored Access Operations (TAO) unit would sometimes intercept hard drives along with network communications equipment like servers and routers while in transit. Then, NSA operatives proceed to install secret firmware onto the products as to make it easier for them to monitor communications and siphon data. Following that, the equipment in question would be packed back up and shipped off to its intended destination. Meanwhile, the recipient remained under the false impression that they had a clean piece of equipment.
The following photo depicting said NSA activity made the rounds on the web just a few months back. Note that the box on the table on the left is from Cisco.
As a few publications at the time reported, the NSA’s interest spanned every electronic manufacturer you might think of, from Western Digital and Seagate to Samsung and Dell.
So what’s a person or company to do?
Well, Network World reports that some Cisco customers are having products shipped to dummy locations as a preventative measure.
And it appears some Cisco Systems customers have since taken steps to prevent NSA tampering.
The company has shipped equipment to addresses that are unrelated to a customer, said John Stewart, Cisco’s chief security and trust officer, on Wednesday during a panel session at the Cisco Live conference in Melbourne.
In theory, that makes it harder for the NSA to target an individual company and scoop up their package. But supply chains are tough to secure, Stewart said, and once a piece of equipment is handed from Cisco to DHL or FedEx, it’s gone.
But as Stewart later explains, such precautions may not be terribly effective.
“If a truly dedicated team is coming after you, and they’re coming after you for a very long period of time,” Stewart said, “then the probability of them succeeding at least once does go up.”
Related stories
Massive SIM card hack might have been too sophisticated to be caught in time
Gemalto confirms hack, but denies massive SIM keys theft
A truly hack-proof smartphone may finally be unveiled next week
More from BGR: The FTC’s explosive allegations against Google are enough to make me switch to Yahoo
This article was originally published on BGR.com
