FBI Fears Chinese Hackers Have Back Door Into US Government & Military

[pressimg]http://files.abovetopsecret.com/images/member/92295eb4953c.jpg[/pressimg] Some months ago, my contacts in the defense industry had alerted me to a startling development that has escalated to the point of near-panick in nearly all corners of Government security and IT infrastructure. The very-real concern, being investigated by the FBI, is that either the Chinese government or Chinese hackers (or both) have had the benefit of undetectable back-doors into highly secure government and military computer networks for months, perhaps years. The cause: a high-number of counterfeit Cisco routers and switches installed in nearly all government networks that experienced upgrades and/or new units within the past 18 months.

News of the counterfeit Cisco equipment has been in the mainstream for some time:
Co llaborative Current Event: Counterfeit Cisco Network Hardware Imported From China Seized
Chinese Counterfeit Cisco Network Routers Targeted In North America
Counterfeit Cisco Gear Showing Up In US
But the US government has been attempting to avoid these issues by only using higher-end Cisco partners/suppliers for the gear. However, the highly-competitive lowest-bid environment of government procurement has inspired several vendors to look for cheap alternatives for hardware... resulting in a catastrophic meltdown of security.

A few weeks ago, my sources have been providing information on a scathing investigation summary by the FBI. They've indicated that a critical Powerpoint document has been quietly circulating after a few internal presentations. While the Powerpoint presentation has been labeled unclassified, it is an official FBI publication and has been hard to track down. Thanks to key clues provided last week by two sources (both of which do not have the presentation, but have seen it), specific searches on the content of the document have turned up an online source, and I've provided all pages of the document below, along with the link to the discovered source. (The ATS upload would not allow a PPT file)

As you can see, the FBI is concerned about critical infrastructure damage, AND, the potential of access to secure government systems. Many online IT circles have been speculating that the counterfeit hardware will provide backdoor capabilities and access into compromised networks for the originators of the equipment. In fact, some areas of speculation regarding the counterfeit Cisco equipment has focused on the possibility that the hardware is being manufactured expressly to deploy exploitable systems far and wide into the wild. The rationale being that the likely "wholesale" price of the counterfeit routers and switches are so low and profit margins likely very thin, that the only real advantage may be gained from downstream system exploits in the future.

The threat is real. Compromised hardware of potentially hostile foreign origin sits within secure networks of the US government, military, and intelligence services. And as you now see, the FBI has been concerned about it.


Graphic file export of the FBI's Powerpoint document slides.


















































Google Search that found the FBI Powerpoint document:
"FBI Criminal Investigation: Cisco Routers"
Link to PPT file

I do not see why the US gov cannot manufacture it's own routers/systems.
Surely this would remove the problem? Or at least order directly from assembly plants (in the US, preferably monitored), thereby cutting out any suspicious links in the chain?

reply to post by Nemiro


because that would be cost efficient and secure and we all know that the US gov't is neither cost efficient nor secure.

This has been going on for some time now, and perhaps the problem is far more extensive than the previously identified breaches originating from China in the recent past.

China aims to become the new hegemon, and in the best way to catch up to the U.S. is to copy their technology and compromise their computer networks.

Yet another issue of security that Richard Marcinko was complaining about back in the 90's that nobody took seriously. He has said that the chinese have been getting their hands on our top secret electronic hardware for years. hell he even says that we've been secretly giving the equipment to them in exchange for political leverage and a lot of other things. He says that china has an extensive spying scheme and network in the US. and that it's very compartmentalized.

No surprise that they have put a back door into our electronics and routers. It's not like people didn't give us fair warning. THe chinese are more methodical and strategically orientated in the long term than we give them credit for. we think about strategies in 5 to 15 year periods. they think about strategy like a 100 year long chess game where the final big moves are played out in the end of the game.

reply to post by Nemiro


I agree with you. I also fine it hard to believe that our government is not secure on their sites. Surely they are not that stupid.

What a lovely way to start the work day.

Way to scare the bejezus out of me with this. Seriously though, it doesn't shock me all that much. When it comes to IT warfare I believe the Chinese to be years ahead of the US. Like previous posters have said, let the govt. manufacture the hardware and then it'll be "untainted".

If China was to start a WAR with the U.S. the first thing to do is take down the infastructure. How do you do that? The same way we did to Iraq, take control of the Routers. IF not war than every secret the the U.S. has is now theirs.
Why dont we make this equipment ourselfs you say... Who will work for .50 cents a day? Not me. I have a mortage.

If it's true I'd say the U.S. willingly unzipped it's pants. The future payoff for the U.S. is still unknown, at least by me.

Problem-Reaction-Solution.

Peace

Kinda makes me chuckle at thought that the President goes to take a leak and has two guards posted outside the door, yet the security of the nation goes to the lowest bidder.

Sums up exactly how we the voters are thought of by the elected, we are not even fit to shake it after they have taken their leak.

Originally posted by Wolfie_UK
Kinda makes me chuckle at thought that the President goes to take a leak and has two guards posted outside the door, yet the security of the nation goes to the lowest bidder.

Heck, Our Nation itself goes to highest bidder so it makes sense to me that they shouldn't be too concerned about the security protecting something they don't own in the first place. I bet the security is tight in Parguay though

[edit on 21-4-2008 by kleverone]

Well, If the government asked me, I could set up a cheap, high security, low cost, computer router factory at one of the Federal Prisons. I would bet hundreds of inmates would be willing to work for $1.00 an hour and good time, especially since the work would be clean and in an air conditioned space.

One of my rules would citizens only and no gang banger types.

100,000,000,000$

That's how big this problem is. Who is going to pay to fix it?

If the taxpayers have to fix it, buy Cisco systems stock.

If Cisco has to pay for it, buy Cisco put options.



mister.old.school you opened a 55 gal. drum of worms here.

[edit on 21-4-2008 by downtown436]

Wow lots of stuff in that post
Star+Flag.

Well here goes the U.S government trying not to secure itself once again. Also I'm quite curious would it be door? or Doors?

Dugg!

Wow! That's something else.

I just wanted to add that I work for a hardware supplier and I've heard plenty about these counterfit products. They are real, no doubt.

[edit on 21-4-2008 by ZeddicusZulZorander]

I just skimmed through the thread, but what's funny is I deal with companies like Lockhead Martin, Boeing, L3, Northrop on a daily basis. I also always talk to contractors who hold Top Secret and different versions of Top Secret Clearance; SSBI's I think is one of them. Some have told me they hold higher than Top Secret, really not suppose to say, but like Black Secret I believe is one of them. A coworker of mine talked to a guy who had his own secured cell phone and would talk in code etc. All of these contractors work in the software/hardware field. But my relevance to this thread is, I always ask how they feel about outsourcing and most of it's done to India and China. Most of the contractors over here are losing there jobs because of this. It amazes me how government projects is outsourced to potential future enemies. Someone please shed light on this for me. Thanks.

I swear to god the U.S. has more hackers in the Chinese networks as Americans really are better hackers due to the high availability of computers. In China most people go to internet cafes to do their illegal things thus unable to allocate much time into hacking.

The Chinese government hires a bunch of hackers for good and bad reasons. Good reason is to develop protection for the sponsoring government and bad reason is to attack foreign governments.

Pentagon and the CIA does more of those things than one can ever imagine. Ya'll havn't seen movies with a lot of professional hackers working in government buildings? That's the reality.


Hacking is like trench warfare without the physical trenches. It's also like trying to treat the common cold, you can never treat the new strains which appears before you cure the previous strain.

[edit on 4/21/2008 by die_another_day]

"have had the benefit of undetectable back-doors into highly secure government and military computer networks for months, perhaps years."

If already for years, so why the information will only be allowed to leak into the public in this highly sensitive period of increasing anti-China and anti-West sentiments in the West and China?

Counterfeited products, either it be hardware or other kind of products, even fake SUGAR or fake Bottled Water in China is real. The Chinese consumers learned to live with it and know one basic concept "cheap = low quality/warranty". When a product is obvious lower than at the neigbour shop or the usual market retail price, China consumer learned not to buy it or is willingly to take a risk of buying something fake.

The supply chains are all too familiar, but it was quite shocking that the US government would allow 2nd/3rd sub-contractors to place hardware orders. Why the US government does not cut a country-wide deal directly with CISCO or other branded US hardware manufacturers, I'm quite sure with the total volume combined they would be much better off than going two three layers down the supply chain, not to mention the security risks.

Another very weird sheet is "Why CISCO?", and then simply state that CISCO owes 80% market share. So is that the reason for a quality purchasing nowadays with taxpayer money?

US-CHINA Joint Liaison Group:
In the only sheet reharding how the cooperation is working, I believe it lacks some fundamental problem-solving actions.
If I was the head of this group:
- Don't limit the group's efforts at border protections or so-called meaningless Intellectual trademark blabla
- No more 2nd-3rd contractors and only dealing with CISCO or whichever brand owner directly. CISCO can always include the so-called golden partners in the deal, but effectively governments should be only dealing with CISCO. If they refuse, purchase from someone else who can satisfy your service and quality requirements instead of only the price or "because they owe 80% of the market.".
- If a purchase order is aligned with the US Government, then only authorized secured manufacturing plants can produce and assembly the hardware and components.
- CISCO should put their own engineers on the spot to monitor the productions.
- Chinese customs should check the plants in a regular and strict way. ANY corruption by Chinese' officials should be punished severe by the Chinese government.
- This punishment should be against the plant as well and all the direct people involved, the greedy people offering the corruptions!
- US government should recruit authorized preferred Inspection companies to check EVERY single order. These quality inspectors are commonly well-known and used by Foreign Brand owners and importers who do care about the quality of their own products.
-ZERO tolerance an 100% check. Every production AND outgoing shipment. Someone like APPLE will send their own inspectors standing next to the production line when producing the Ipods and Iphones in China!!! Why can't the US government do that?
- Incoming governmental shipments should go into a consolidated Warehouse in the West coast, either use a AQL or for higher security another 100% quality check, before dispatching to the rest of the country.
-The most ideal is that the US create an own Purchasing department, every single purchasing should be going through this department. With her own inspecting teams and with the coordinated efforts you can cut out the best deals. of course Corruption in this department should be punished severe as well.

--> Even when a production (all components/assembly) is done in the US, even then a good quality inspection for every production should be ensured.






[edit on 21/4/08 by IchiNiSan]

Here is an idea. Don't buy crap from China, None of you!!!! If everyone makes this a priority then they will not be able to afford their weapons.
They need to get with Intel, Cysco and Dell. Make a separate factory where they can make government PCs with tight security. Make all government contractors use these same PCs and make them so they can only communicate with each other and know one else.

Now why would they fear the chinese? There is only one big Corperation, and their apart of it. Holdup, Maybe these guys aren't apart of the goverment, then i guess there would be something for them to fear, right.