Forum

 A story from Bruce Schneier's Cryptogram Newletter

----------------------------------------------------------------------------------------------------------------------------------

      Cisco Shipping Equipment to Fake Addresses to Foil NSA  Interception

 Last May, we learned that the NSA intercepts equipment being shipped around the world and installs eavesdropping implants. There were photos

of NSA employees opening up a Cisco box. Cisco's CEO John Chambers personally complained to President Obama about this practice, which is

not exactly a selling point for Cisco equipment abroad. "Der Spiegel" published the more complete document, along with a broader story, in

January of this year:

      In one recent case, after several months a beacon implanted through supply-chain interdiction called back to the NSA covert

     infrastructure. The call back provided us access to further exploit the device and survey the network. Upon initiating the

     survey, SIGINT analysis from TAO/Requirements & Targeting determined that the implanted device was providing even greater

     access than we had hoped: We knew the devices were bound for the Syrian Telecommunications Establishment (STE) to be used as

     part of their internet backbone, but what we did not know was that STE's GSM (cellular) network was also using this backbone.

     Since the STE GSM network had never before been exploited, this new access represented a real coup.

Now Cisco is taking matters into its own hands, offering to ship equipment to fake addresses in an effort to avoid NSA interception.