Security Experts:

Connect with us

Hi, what are you looking for?



NSA Document Lists Tools Targeting Popular Hardware, Software: Report

Leaked information about the National Security Agency’s operations has reportedly exposed a catalog of tools the spy agency uses to compromise popular software and hardware.

Leaked information about the National Security Agency’s operations has reportedly exposed a catalog of tools the spy agency uses to compromise popular software and hardware.

German news magazine Der Spiegel reported that they had obtained a 50-page document resembling a product catalog that outlined tools developed by the NSA’s ANT division – which is believed to stand for either Advaned or Access Network Technology – to compromise technology from a number of vendors responsible for producing routers, servers, firewalls and other equipment in widespread use.

According to the article, the NSA has “targeted products made by well-known American manufacturers and found ways to break into professional-grade routers and hardware firewalls, such as those used by Internet and mobile phone operators. ANT offers malware and hardware for use on computers made by Cisco, Dell, Juniper, Hewlett-Packard and Chinese company Huawei.”

Among the particular products mentioned was the Cisco PIX-series and Cisco ASA-series. According to the report, the Cisco products can be compromised with an implant codenamed “JETPLOW” that creates a backdoor.

In response, John Stewart, chief security officer at Cisco, blogged the company is looking into the allegations.

“We are deeply concerned with anything that may impact the integrity of our products or our customers’ networks and continue to seek additional information,” Stewart blogged. “We are committed to avoiding security issues in our products, and handling issues professionally when they arise. Our Trustworthy Systems initiatives, Cisco Secure Development Lifecycle, Cisco Common Crypto models, and Product Security Incident Response Team (PSIRT) and Vulnerability Disclosure policies are all industry-leading examples of our commitment to our customers. This is central to how we earn and maintain trust.”

Products from Cisco competitor Juniper Networks were mentioned as well, such as Juniper Netscreen/ISG 1000. Other products targeted by the NSA’s operations include Dell PowerEdge Servers, which the catalog reportedly says can be targeted with an implant known as “DEITYBOUNCE” that exploits the motherboard BIOS and utilizes the System Management Mode to give the NSA access.

Products from Huawei and Hewlett-Packard were targeted as well. The article does not allege that the companies worked with the NSA to develop the implants. Each of the companies issued statements to the media saying they had no knowledge of the NSA’s activities.

“Dell does not work with any government – United States or otherwise – to compromise our products to make them potentially vulnerable for exploit,” blogged John McClurg, vice president and chief security officer at Dell. “This includes ‘software implants’ or so-called ‘backdoors’ for any purpose whatsoever.”

Written By

Click to comment

Expert Insights

Related Content

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

IoT Security

Lexmark warns of a remote code execution (RCE) vulnerability impacting over 120 printer models, for which PoC code has been published.

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Mobile & Wireless

Apple’s iOS 12.5.7 update patches CVE-2022-42856, an actively exploited vulnerability, in old iPhones and iPads.


Security researchers have observed an uptick in attacks targeting CVE-2021-35394, an RCE vulnerability in Realtek Jungle SDK.

Email Security

Microsoft is urging customers to install the latest Exchange Server updates and harden their environments to prevent malicious attacks.


Google has awarded more than $25,000 to the researchers who reported the vulnerabilities patched with the release of the latest Chrome update.