The current issue of BusinessWeek is carrying a scary in-depth look at counterfeit computer components, 
claiming that fake components have been used in warplanes, ships and communication networks. The magazine also cites an FBI report warning that fake Cisco gear could be used for espionage. According to BusinessWeek, the FBI briefing "questions whether the counterfeiting is 'for-profit or state-sponsored' but doesn't offer an answer." The magazine explains how "fake microchips flow from unruly bazaars in rural China to dubious kitchen-table brokers in the U.S. and into complex weapons." There are recycled-chip emporiums where workers strip chips from disgarded PC circuit boards and sell them after they've been washed in nearby rivers.
BusinessWeek has also published a video about its investigation, which you can view here.
More from Cisco Subnet:
* Fax server compatibility in Cisco UC networks
* How to transfer CUCM users to Unity voicemail
* CCIE pay in the U.K. down slightly
* Competition: Can you learn TCP/IP in 24 hours?
* 100GB Ethernet coming to your core?
* CCDE beta practical exam: Tough but not impossible
Go to Cisco Subnet for more Cisco news, blogs, discussion forums, security alerts, book giveaways, and more.
The Cisco Subnet blog is written by Network World managing editor Jim Duffy and is the official blog of Network World's Cisco Subnet community. The Cisco Subnet site is managed by Online Community Editor Julie Bort. Cisco Subnet is the independent voice of Cisco customers and is your gateway to daily Cisco news, blogs, opinion, books, prize giveaways and more. Visit the Cisco Subnet home page daily and while you are there, subscribe to the Cisco Alert e-mail newsletter, which includes news and views generated by the Cisco Subnet community as well as Cisco-related stories on Network World and elsewhere on the Web.
The Leader in Network Knowledge
Old News - Easy Espionage!
This has been going on, in one form or another, at least since the seventies.
It was illegal to export 286/386 Computers to the Soviet Union, but there was (and still is) nothing to prevent Soviet (or other bad guys) from walking into their local Best Buy, or logging onto Dell, etc., and walking out with state-of-the-art technology. The same goes for strong encryption.
A few days later a Diplomatic Crate (immune from just about any oversight) ships back to the home country. This was very common "back in the days," and I see no reason why it would have changed.
All one must do is legally purchase a few hundred routers/firewalls/hubs/switches/whatever, replace the PROMS/Firmware and reintroduce them into the market as either new or surplus.
The gear doesn't even have to leave the country for this to happen!
Most technology export restrictions and the like are intended to make the unaware 'feel' safe. There's a big difference between feeling safe and being so.
When was the last time you ran a checksum on the firmware of the used, remanufactured or surplus gear hanging on your network?
I Would Check if Shown How
How do you check to see if your 'reconditioned' equipment truly is not tampered with equipment?
Fake Cisco Gear
I read about the secondary market for Cisco gear, and have personally bought several Cisco routers from Ebay and the like. I few years back, they stated that Cisco was trying to find a way to stop this market, which they have not control, and therefore do not enjoy the profits of. Well, guess what, now Cisco has the FBI doing their dirty work. Sure, I am sure some clever third-world government can hack an IOS operating system, make it appear normal, and then hack into it...but REALLY!!!! More likely this is a government plot to keep Cisco in business...
Cisco is the Microsoft of Networking
It's already bad enough that IOS is insecure, filled with security vulnerabilities and is rootable. Furthermore, the built in IOS security features such as image verification and checksumming is an afterthought. It's not supported across the board and where it is supported it's using the compromised MD5 hash algorithm where a malicious IOS image altered with backdoor can be made to have the same MD5 hash as a valid image. On top of all this, we now have to deal with distinguishing genuine offshore made Cisco gear and fake offshore made espionage backdoor gear. Thanks Cisco for making a lot of companies sleep well at night.
If Mexican music can end up
If Mexican music can end up on your VPN CD then there's no doubt that offshore espionage backdoor IOS can end up on your network equipment.
Cisco Ships Mexican Folk Music On VPN Client CD
http://idle.slashdot.org/idle/08/10/08/1418232.shtml
http://dave.fumberger.com/2008/10/08/cisco-networks-new-album/
Dont Not Listen To Hype
All your networks and data leekage not belong to us. Trust in me.