Your Network Hardware May Be Aiding Spies Right Now
Yes, really. Your government or a foreign spy agency might be tuning in right now through your router or your server equipment.
Two Cases of Hardware Tampering
In 2015, Amazon ordered third-party security researchers to investigate the technology of Elemental Technologies, a company it wanted to acquire. Amazon was working on its video compression architecture and planned to buy the company because it manufactured high-end servers specialized for this task. The researchers tested the servers and found microchips as small as rice grains on them. What the security experts found troubling was that these chips served as potential backdoors into the systems and could possibly be used to introduce malicious code.
The investigators traced the trail of hardware tampering to Super Micro Computers Inc., a networking and storage giant with a near monopoly on server motherboards. Their research indicated that the tainted hardware came from four factories that Super Micro had subcontracted to meet a batch of orders. Members of the People’s Liberation Army whose expertise involves hacking hardware approached the owners of these factories and either blackmailed or bribed them to insert the chips during production.
Amazon immediately found a way to dispose of the infected infrastructure by selling its assets in Beijing. Around 30 other companies have been notified by the US government.
China, however, isn’t alone when it comes to tampering with hardware. In 2014, lawyer and journalist Glenn Greenwald showed photos of the National Security Agency (NSA) allegedly tampering with Cisco routers bound for shipment overseas by placing beacons in them. These beacons gave NSA operators backdoor access and some measure of control over the router.
Although state actors may not actively use the implants in this hardware, the implants can nonetheless give cybercriminals the same backdoor access should they discover these chips.
What Organizations Can Reasonably Do
Because of the developing geopolitical landscape, individuals and businesses can expect more and more of this kind of interference from state actors and spy agencies. Given this expectation, the right question to ask now is what companies can reasonably do in the face of state surveillance of their activities.
Security researchers who weighed in believe that detecting the microchips can be both difficult and expensive. A network scanning tool for this task would have to be very sensitive to catch the signals from a spy-implanted device. Active network monitoring may help, but irregular activity can mean many things and may not be connected to spying.
What may work with some reasonable effectiveness is advanced firewalls. Firewalls can block attempts from outsiders to access the device. But at some point, as countries and governments escalate their spycraft methods and technologies, even firewalls may become obsolete. Companies must keep in step with current practice and technology in order to protect their assets.
Kevin Jones
Kevin Jones, Ph.D., is a research associate and a Cyber Security Author with experience in Penetration Testing, Vulnerability Assessments, Monitoring solutions, Surveillance and Offensive technologies etc. Currently, he is a freelance writer on latest security news and other happenings. He has authored numerous articles and exploits which can be found on popular sites like hackercombat.com and others.