Recent events have raised the concerns about hidden backdoors and malicious code inside of counterfeit hardware — all the way down to the integrated circuit level.
In fact, a 2005 report by the Pentagon’s Defense Science Board addresses this issue. While this report assessed the problem, recent events have now raised the anxiety over cyber sabotage in bogus hardware. In fact, many consider the use of compromised counterfeit hardware as a strategic tactic in cyber warfare.
In January of 2008, a joint task force seized $78 million of counterfeit Cisco networking hardware. This international effort resulted in over 400 seizures of counterfeit networking hardware that was shipped between China, Canada and the United States. This international effort between the Federal Bureau of Investigations (FBI), U.S. Immigration and Customs Enforcement (ICE), US Customs and Border Protection (CBP), the Royal Canadian Mounted Police (RCMP) and supported by other agencies within the Department of Homeland Security (DHS) clearly shows the criminal efforts that are underway.
This investigation has been underway for the last two years and has shown great results.
The Numbers:
- 36 search warrants
- 115 seizures by ICE
- 373 seizures by RCMP
- 74,000 total counterfeit components confiscated
While there has been no public disclosure of counterfeit hardware sabotage/espionage on America by foreign countries or rogue groups, the threat is there. Supply-Chain threats have now moved into the spotlight and many organizations are moving to address the threat of purchasing counterfeit computer related equipment. Sources at Spy-Ops told me that in 2008 they estimate counterfeit computer hardware will exceed $1.25 billion and that current security measures such as holographic labels on integrated circuits and printed circuit boards are no longer adequate means to identify authentic equipment.
Michelle Kalnas, a supply-chain subject matter expert working with me on this issue pointed out that refurbished computer equipment poses the same threat and is more difficult to control. She went on to say that, “Close coordination between the security department and purchasing with external critical equipment vendors is necessary to resolve this issue. But at this time it is the exception not the rule.”
my college uses Cisco Access agent… and it sucks… hmmmm…
This comes as a shock to me how much, but it makes sense that it could be so much — seeing as it is in so high of a demand.
It’s time
It’s time to treat Military and Government soft and Hardware as if in War Time, duh.
No offence intended on the latter. It’s to point out how I cannot understand how second hand, or foreign materials are allowed into sensitive places, in any business structure, not counting such as the Military or Government. Any high tech business must treat this aspect as if spy’s are everywhere. AS they are, it’s the 21st century, and Cyber business is big business, so comes under the National Security heading for prime manufacturing and Government. Get on the stick guys, freebies and cheepo’s are Not in our best interest at those levels.
K.M.Gosnell
U.S.A retired
This is very scary…specifically with the Cisco products. I believe that the DOD standard is Cisco but if we are buying refurbished products we are comprimising our networks and security.
Not sure I will be purchasing refurbished equipment in the future.
The government needs to take a look at keeping all of our manufacturing in the US. We need to keep our technology and jobs in this country. Too many jobs lost and we are ruining our own economy further with big business trying to save the almighty dollar.
Here is another incident we uncovered.
U.S. Customs and Border Protection Assistant Commissioner for the Office of International Trade Dan Baldwin and Director-General Robert Verrue, European Commission Tax and Customs Directorate, today announced the results of Operation Infrastructure, which took place last November and December.
The Operation resulted in the seizure of more than 360,000 counterfeit integrated circuits and computer network components bearing more than 40 different trademarks.
That’s it! How long and how much damage do we have to incur before we bring the Technology sector back home? Although it may be an insurmountable task, it needs to be done ASAP to stem this tide!
Damn right! I say hit China with a full nuclear offensive, like we did to those ratty copycat Japanese in the 40’s. That will teach them to follow in our footsteps! Damn their competing markets, damn their hard working people, damn their blossoming economy! It’s an act of war, I say! We’ll force them to play fair! U.S. fair.
*sob* Mommy… make them stop!
How counterfeit? If just the MEDIA (CDROM /DVD) is counterfeit, but it is still the original software then from a security viewpoint, it is not such an issue, of course if the code is altered it would be a different story…
The hardware/software issue.
A few years ago I oversaw aproject that looked at foreign sourced componenets on a popular piece of networking equipment. We discovered that over 70% of the componenets that went into the product came form outside the United States. Remember there is allot of firmware and on chip software that could be altered with back doors or dime delay logic bombs. In once instance we estimated that the total amopunt of software chip based and CD based was about 21 million lines of code. To ensure security and integrity, every line of code would have to be evaluated and or compared against a known good source!
Hmmmm, i do not see what the problem is really. The western world uses alot of crappy Chinese stuff in for a cheap price. If there was no demand for it, they would not have made and sent it, right?
Sure, quality pays off in the long run, but it never came as cheap as the imported mass production stuff.
As for security issues…it’s hypocrites talking. Think about how EVERY xerox ink has tiny markings in it to trace the origins (in case of a bomb-letter for instance). Think about project echelon at which almost every internet connection is examined through the backbones. Think about how every networking component has a unique MAC address which makes it traceable (though there are ways to spoof it). I could go on with hundreds more examples how YOU get pwned by a government.
It’s the pot whining about the kettle, the only difference is the fact it’s counterfeit, but don’t use cyber sabotage as an argument as that happens more in the western world then anywhere.
Who cares anyways what americans are doin on he web , 99 % of the usa is retarded
It’s always good to check soft– and hardware but we have to be careful not te be caught in a negative spiral towards each other. Checking this stuff requires specialized agencies which costs a significant amount of tax. We are moving towards a future where soft– and hardware get more and more complex. If we can’t trust each other than we will destroy each other. Besides, it’s known (in Europe at least) that the USA lives on fear, and this ‘news’ sounds like more fear to me.
As if…
Don’t know why and who cares actually… What if the Chinese have spying abilities on all MC they produce… how are they going to monitor all the information they are going to get..? It’s pretty lame not to complain about the patriot act when you are sure you can be watched and then wine about the posibility that the Chinese might spy…
Just judging from the anti American sentiment in many of the responses here, one should take this threat very seriously. There are a whole lot of jealous people around in this world and we should better be prepared to deal with it!
Maybe this problem can be tackled by software that works like a regular virus scanner. Instead of only scanning the local computer and hard drive, it should also start scanning the infrastructure devices like routers, switches, firewalls etc. Hardware vendors, FBI, Interpol, and others, could provide the hardware profiles for these devices with backdoors.
Big hardware vendors like Cisco need to protect the integrity of their brand and should set the standards for identification of these illegal devices. And software vendors currently making virus scanners have a great opportunity to open up new markets, especially in the Fortune 100!
Didnt you put your chips in your planes which you sold?
Well, what does it matter? Our country has already been sold out from under us. We are just mostly renters here now. Out government holds the “1st mortgage” on virtually everything by eminant domain. And who owns the US governenment? “Government Of The People, By the People, and For the People” is nothing more than an advertising slogan. No more “In God We Trust” on our money. As a vet, a patriot, and a citizen, I say out government ZUCKS Big Time. Just my opinion…
I attended a conference last week on electronics interconnect manufacturing. In a new technology meeting i heard from a colleague who spends a lot of time in China that Chinese electronics manufacturers are now in many ways more advanced than anything in America. Boeing is outsourcing printed circuit boards to a subsidiary of the People’s Liberation Air Force. Other defense contractors heard about this, and assuming it is okay, are now sourcing the highest technology circuit boards going into classified technology at the same company. Can you say treason?
american manufacturing just can’t compete against foreign competition. just look around, motorola, gm, ford, boeing, etc. pretty soon, most u.s. companies will become nothing but marketing firms, selling brands for products made elsewhere. china is on the winning side, the decline of u.s. economic power is inevitable.
I also give my account to her, she want to play my number, she also can play. But one day, I found she had another husband, and she have no longer to play with me. And I found my number is empty, she took my things changed the cheap RS gold. I was very sad; I did not believe she is the girl that I know.
Some players may notice that default costumes on families created prior to the 2.4 cheap snw vis expansion have disappeared.
Her beauty faded along with her power Shaiya money. Taking advantage of the situation, the Dumianas ended the Goddess
in the game there are many players do not have diathesis, can be said that there were very bored, they often like to ask something about the players looks like, family, and in the game can earn how much 2moons gold, I do not know these people are playing the game or game play them. Some people often put some picture to the Internet, she thought that this way can let people feel humiliated
maybe I give you too much pressure, let you give up this feeling, I really want to know that do you really can forget me and forget the day s about we together to play and together to upgrade and together to earn the kamas, you really can forget, maybe I never enter your heart. Your left let me feel that all thing can be changed, you often said that I was very stupid, in fact you were wrong