Posted on 05/15/2008 5:03:00 PM PDT by ricks_place
An FBI presentation states that China has counterfeited Cisco Systems network routers and may be using the equipment to penetrate U.S. government and private sector computer networks.
Federal authorities in February seized some 400 counterfeit Cisco Systems knockoffs worth $76 million. The equipment included routers, switches, gigabit interface converters and WAN interface cards. Among the purchasers of the fake equipment were the U.S. Naval Academy, U.S. Naval Air Warfare Center, U.S. Naval Undersea Warfare Center, U.S. Air Base at Spangdahlem, Germany, the Bonneville Power Administration, General Services Administration, and the defense contractor Raytheon, which makes key missile and weapons systems.
The FBI briefing slides on the case stated that while there are intelligence gaps on why the Chinese made the counterfeit equipment it could have been for profit or as part of a state-sponsored operation. Additionally the scope of the Chinese counterfeit equipment may extend beyond routers to include fake IT equipment such as PCs and printers.
Under a section titled The Threat, the FBI described the effort as IT subversion/supply chain attack that could cause immediate or premature system failure during usage.
The counterfeit equipment also could be used to gain access to otherwise secure systems and to weaken cryptographic systems.
The briefing slide said the Chinese information warfare efforts require intimate access to target systems.
“But it’s the corporates that are giving their secrets to China. A bottom line increase in a quarter is seen as more important than any of those silly trade secrets.”
In some cases yes, because in some cases the people making those decisions have interests in other countries, no morals, or are greedy. Profits this quarter are the only important thing, besides their bonuses of course.
Many countries have very active efforts to capture US trade secrets and technology. It's not only military technology, but food technology, chemicals, materials, processes and so forth.
One example is the knowledge it takes to implement complex information systems. Methodologies that took many years to develop at untold cost are available for anyone to download.
The very IT security standards recommended for banks, government, health are other examples of what's available for download. We are giving away our economic and technical advantages.
It could copy all manner of information gathered on the network and send it back out on the wire to a designated receiver controlled by the PLA, for starters. You could put enough logic onto a commodity Ethernet chip now to do a wide variety of very nice things.
Think about it this way: many Ethernet chips are made with older fab technology. There isn’t a huge, crying demand for Ethernet chips made with 0.90nm processes, for example.
Buuuuut.... what if you want to cram a whole lot more stuff onto a chip and have it look the same outwards (eg, from the size of the package) as a commodity chip. Well, now you use a newer process, cram many, many, many more gates onto the chip than is usual, and you could have a complete embedded CPU+memory in there - alongside the commodity Ethernet functions.
Let’s go back to basics:
How do you know what is inside the epoxy package of a chip?
Answer: Absent splitting the package off the chip, you don’t know that there’s anything more in there than the functionality you bought. By testing all of the functionality, you can tell that something is *missing*, but you cannot tell that there might be something *extra*.
So if you’re a EE with the equipment, you think that you should be able to spot the extra logic through the JTAG interface, right?
They could use fuseable links and just blow open the connections from the JTAG interface to the extra logic when they ship the chip.
As I said previously - the only way to know what is really in those commodity chips is to open up the package, get out your microscope and start looking at what is on the wafer.
I think all that would be hard to do at the Ethernet PHY layer.
Your point about not knowing what’s in a chip you purchase is a good one.
But as I said DOS type attacks would surely be doable.
They get real big and real expensive. A completely tricked-out Cisco carrier grade system will run an obscene amount of traffic (IIRC around 100 terabits per second) and cost an obscene amount of money.
ping!