The Eric Snowden NSA leak continues to shake out some unruly details that really should come as no surprise. A recent article how the NSA tampers with US-made internet routers," mentions how the NSA has been secretly implanting interception devices in US servers heading overseas. This is an extract from Glenn Greenwald’s book about Edward Snowden called “No Place to Hide.”
NSA Tampers with US Routers
The US government has touted for years that Chinese routers and other internet hardware pose a threat as they have the potential to include backdoor surveillance which gives the Chinese the ability to spy on anyone who uses that piece of hardware. Yet, some NSA documents show that the US has been guilty of these same tactics.
According to a report from one NSA department, the NSA routinely intercepts routers, servers, PC’s, and other networking hardware which is being exported from the US. The NSA then implants the spyware tools, repackages the hardware, affix factory seals, then they release the devices for shipment. This allows the NSA to access entire networks and data.
So it seems we have the US government warning about Chinese routers and servers, which now “represent not only economic competition but also surveillance competition”.
US Servers Manufactured Overseas
The reason this article grabbed my attention is because I’ve been supplying patented, tamper evident security seals to some US router/server companies for over a decade now. The seals are designed to show evidence that someone has opened the device, and were required under the FIPS 140 certification. For nearly a decade, those US routers and servers were MADE IN CHINA. A couple of my accounts were using Foxconn to do the assembly and building. Is this a cause for concern? How do we know what, if anything, was planted in US servers and routers as they were being assembled? Has end user IT departments and security departments been made aware of this? What if any data has been stolen during the past decade?
Security for All
So as we move along it would appear that these type of gov’t spy tactics will continue to rise under the guise of national security for all. The need for security firms and IT departments to somehow analyze their equipment and networks to confirm they are clean and free from surveillance is also on the rise; but it is tough always running one step behind.
Custom security seals including FIPS 140 are available to buy for servers and routers including those with textured surfaces. For help with tamper evident security, contact RighterTrack today. 215-493-7191 or e-mail