Considering counterfeit Cisco gear

Yesterday, Dan Sallach posted an interesting commentary on counterfeit Cisco gear on his Freedom to Tinker blog. He

quotes a New York Times story published on Friday that says a two-year FBI investigation unearthed about 3500 counterfeit Cisco components (worth $3.5M). (Click here for a similar story on Network World.) The gear isn't particularly well-made (as counterfeits are wont to be), but the really interesting part is that there also was no evidence found of a secret hacker back door or other malicious code in the gear either. Poor performance is one fear over counterfeits, but Trojans is really the Big Worry. Various proof-of-concept attacks have been done that show how secretly embedded code could be activated, give the hacker control of the device (to launch DDoS attacks, for instance) and be nearly impossible to for the poor bamboozled user to detect. It's enough to give the shivers to network executives everywhere.

Sallach's point is that the network gear supply chain is the weak link that allows fakes to enter a company otherwise engaged in a legitimate purchase order. Companies (or governments) put out bids looking for the lowest price. In turn those resellers look for subcontractors with the lowest price who in turn look for other means of low prices until you get to some non-authorized supplier buying gear from unknown parties from someplace like eBay. What can be done about it? The general consensus is that a lot of technology is being created to try, but the only thing that can protect you is to verify that your gear comes from authorized resellers buying directly from the manufacturer. That, of course, is not the cheapest way.

More from Cisco Subnet: New Cisco TelePresence unit gets personal
Cisco can't live down selling gear to China for censorship
Fun with the Fortune 500
Nortel attacks Cisco with green calculator
CCNP lab essentials
Jeff Doyle: Understanding MPLS
Go to Cisco Subnet for more Cisco news, blogs, discussion forums, security alerts, book giveaways, and more.
20 useful sites for Cisco networking professionals This month's Cisco Subnet giveaways
Network World's IT Buyer's Guide: Cisco products
Subscribe to Network World's Cisco Alert, which includes a weekly digest of all Cisco Subnet items

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.

Cisco Systems

Jim Duffy has been covering technology for over 28 years, 23 at Network World. He covers enterprise networking infrastructure, including routers and switches. He also writes The Cisco Connection blog and can be reached on Twitter @Jim_Duffy and at jduffy@nww.com.