Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

NSA Document Lists Tools Targeting Popular Hardware, Software: Report

Leaked information about the National Security Agency’s operations has reportedly exposed a catalog of tools the spy agency uses to compromise popular software and hardware.

Leaked information about the National Security Agency’s operations has reportedly exposed a catalog of tools the spy agency uses to compromise popular software and hardware.

German news magazine Der Spiegel reported that they had obtained a 50-page document resembling a product catalog that outlined tools developed by the NSA’s ANT division – which is believed to stand for either Advaned or Access Network Technology – to compromise technology from a number of vendors responsible for producing routers, servers, firewalls and other equipment in widespread use.

According to the article, the NSA has “targeted products made by well-known American manufacturers and found ways to break into professional-grade routers and hardware firewalls, such as those used by Internet and mobile phone operators. ANT offers malware and hardware for use on computers made by Cisco, Dell, Juniper, Hewlett-Packard and Chinese company Huawei.”

Among the particular products mentioned was the Cisco PIX-series and Cisco ASA-series. According to the report, the Cisco products can be compromised with an implant codenamed “JETPLOW” that creates a backdoor.

In response, John Stewart, chief security officer at Cisco, blogged the company is looking into the allegations.

Advertisement. Scroll to continue reading.

“We are deeply concerned with anything that may impact the integrity of our products or our customers’ networks and continue to seek additional information,” Stewart blogged. “We are committed to avoiding security issues in our products, and handling issues professionally when they arise. Our Trustworthy Systems initiatives, Cisco Secure Development Lifecycle, Cisco Common Crypto models, and Product Security Incident Response Team (PSIRT) and Vulnerability Disclosure policies are all industry-leading examples of our commitment to our customers. This is central to how we earn and maintain trust.”

Products from Cisco competitor Juniper Networks were mentioned as well, such as Juniper Netscreen/ISG 1000. Other products targeted by the NSA’s operations include Dell PowerEdge Servers, which the catalog reportedly says can be targeted with an implant known as “DEITYBOUNCE” that exploits the motherboard BIOS and utilizes the System Management Mode to give the NSA access.

Products from Huawei and Hewlett-Packard were targeted as well. The article does not allege that the companies worked with the NSA to develop the implants. Each of the companies issued statements to the media saying they had no knowledge of the NSA’s activities.

“Dell does not work with any government – United States or otherwise – to compromise our products to make them potentially vulnerable for exploit,” blogged John McClurg, vice president and chief security officer at Dell. “This includes ‘software implants’ or so-called ‘backdoors’ for any purpose whatsoever.”

Written By

Marketing professional with a background in journalism and a focus on IT security.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Vulnerabilities

Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...

Vulnerabilities

A researcher at IOActive discovered that home security systems from SimpliSafe are plagued by a vulnerability that allows tech savvy burglars to remotely disable...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Vulnerabilities

Patch Tuesday: Microsoft warns vulnerability (CVE-2023-23397) could lead to exploitation before an email is viewed in the Preview Pane.

Vulnerabilities

The latest Chrome update brings patches for eight vulnerabilities, including seven reported by external researchers.