NSA sabotaged exported US-made routers with backdoors

The NSA systematically sabotaged US-made network routers as they were exported, equipping them with secret backdoors, according to Edward Snowden leaks newly released by Glenn Greenwald in the Guardian. The devices were tampered with prior to leaving the USA and resealed with factory seals. Ironically, this is exactly what grandstanding US politicians have been accusing the Chinese government and Huawei of doing for years. Takes one to know one? Or just honi soit qui mal y pense?

The agency then implants backdoor surveillance tools, repackages the devices with a factory seal, and sends them on. The NSA thus gains access to entire networks and all their users. The document gleefully observes that some "SIGINT tradecraft … is very hands-on (literally!)".

Eventually, the implanted device connects back to the NSA. The report continues: "In one recent case, after several months a beacon implanted through supply-chain interdiction called back to the NSA covert infrastructure. This call back provided us access to further exploit the device and survey the network."

It is quite possible that Chinese firms are implanting surveillance mechanisms in their network devices. But the US is certainly doing the same.

Warning the world about Chinese surveillance could have been one of the motives behind the US government's claims that Chinese devices cannot be trusted. But an equally important motive seems to have been preventing Chinese devices from supplanting American-made ones, which would have limited the NSA's own reach. In other words, Chinese routers and servers represent not only economic competition but also surveillance competition.

Glenn Greenwald: how the NSA tampers with US-made internet routers [Glenn Greenwald/The Guardian]

Notable Replies

  1. This just in: The US makes routers.

  2. Something tells me the market for U.S.-made routers is about to dry up.

  3. Are you serious? How is it not? Revealing that the NSA is illegally or at least unethically sabotaging U.S. technology exports clearly counts as whistleblowing. This isn’t a list of deep-cover field agents or nude selfies of James Clapper here.

  4. xzzy says:

    That won't do anything if your ISP is running a compromised router.

    The lesson being taught is to encrypt every single thing you put onto the network.

    (Too bad SSL is compromised too! We're pretty much fucked no matter which way you approach it.)

  5. Cunk says:

    Two questions immediately come to my mind:

    1) How exactly does the NSA "interdict" these shipments? Hijacking? Bribery? Willing cooperation of someone in the supply chain?

    2) How deeply embedded is this software? Can it be wiped by reinstalling firmware downloaded directly from the vendor?

