Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

NSA Document Lists Tools Targeting Popular Hardware, Software: Report

Leaked information about the National Security Agency’s operations has reportedly exposed a catalog of tools the spy agency uses to compromise popular software and hardware.

Leaked information about the National Security Agency’s operations has reportedly exposed a catalog of tools the spy agency uses to compromise popular software and hardware.

German news magazine Der Spiegel reported that they had obtained a 50-page document resembling a product catalog that outlined tools developed by the NSA’s ANT division – which is believed to stand for either Advaned or Access Network Technology – to compromise technology from a number of vendors responsible for producing routers, servers, firewalls and other equipment in widespread use.

According to the article, the NSA has “targeted products made by well-known American manufacturers and found ways to break into professional-grade routers and hardware firewalls, such as those used by Internet and mobile phone operators. ANT offers malware and hardware for use on computers made by Cisco, Dell, Juniper, Hewlett-Packard and Chinese company Huawei.”

Among the particular products mentioned was the Cisco PIX-series and Cisco ASA-series. According to the report, the Cisco products can be compromised with an implant codenamed “JETPLOW” that creates a backdoor.

Advertisement. Scroll to continue reading.

In response, John Stewart, chief security officer at Cisco, blogged the company is looking into the allegations.

“We are deeply concerned with anything that may impact the integrity of our products or our customers’ networks and continue to seek additional information,” Stewart blogged. “We are committed to avoiding security issues in our products, and handling issues professionally when they arise. Our Trustworthy Systems initiatives, Cisco Secure Development Lifecycle, Cisco Common Crypto models, and Product Security Incident Response Team (PSIRT) and Vulnerability Disclosure policies are all industry-leading examples of our commitment to our customers. This is central to how we earn and maintain trust.”

Products from Cisco competitor Juniper Networks were mentioned as well, such as Juniper Netscreen/ISG 1000. Other products targeted by the NSA’s operations include Dell PowerEdge Servers, which the catalog reportedly says can be targeted with an implant known as “DEITYBOUNCE” that exploits the motherboard BIOS and utilizes the System Management Mode to give the NSA access.

Products from Huawei and Hewlett-Packard were targeted as well. The article does not allege that the companies worked with the NSA to develop the implants. Each of the companies issued statements to the media saying they had no knowledge of the NSA’s activities.

“Dell does not work with any government – United States or otherwise – to compromise our products to make them potentially vulnerable for exploit,” blogged John McClurg, vice president and chief security officer at Dell. “This includes ‘software implants’ or so-called ‘backdoors’ for any purpose whatsoever.”

Written By

Marketing professional with a background in journalism and a focus on IT security.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more.

Register

This year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments.

Register

People on the Move

James Phillips has been promoted to the role of Vice President, Cybersecurity Risk Management at AT&T.

Rafal Los has joined Binary Defense as Chief Strategy Officer.

Tracey Mustacchio has joined Everfox as Chief Marketing Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.