A story that appeared in today’s edition of the New York Times addresses Operation Cisco Raider, which has led to 15 criminal cases involving counterfeit Cisco gear bought in part by military agencies, military contractors, and electric power companies in the United States.
During the two-year law-enforcement operation, 36 search warrants have been executed, resulting in the discovery of 3,500 counterfeit Cisco network components with an estimated retail value of more than $3.5 million, according to the Federal Bureau of Investigation (FBI).
Cisco, which has investigated the counterfeit networking equipment, claims that the bogus gear contained no electronic back doors or evidence of computer espionage. Cisco’s working assumption is that the counterfeiters were in business solely to make money, not to surreptitiously gather intelligence.
“We did not find any evidence of re-engineering in the manner that was described in the F.B.I. presentation,” said John Noh, a Cisco spokesman. He added that the company believed the counterfeiters were interested in copying high volume products to make a quick profit. “We know what these counterfeiters are about.”
Not everybody is so sanguine.
Several security technologists and intelligence experts contend that proven techniques exist to covertly embed information-gathering and -transmitting circuitry into computer and network hardware. What’s more, a few specialized espionage-related circuits buried within billions of components would be exceptionally difficult to detect.
Cisco is understandably anxious to have this issue recede from the headlines. If counterfeit Cisco gear were found to contain electronic back doors that transmitted confidential information to foreign governments or illicit third parties, major government and private-sector customers might show increased reluctance to buy gear that carries the reputed Cisco brand, if for no other reason than concern about receiving malicious non-Cisco knockoffs in place of the genuine articles.
In all probability, Cisco is right about the bogus routers and switches. They’re probably nothing more than replicas made by for-profit counterfeiters. Nonetheless, it will be intriguing to see whether or how this story evolves.