Router Backdoors: Hacked by Chinese Part 2?
We all remember code red, right? Come on, you know you were hit with it..., ok, here's an image just in case you forgot:
SecureTest believes spyware could be easily built into Asian-manufactured devices such as switches and routers, providing a simple backdoor for companies or governments in the Far East to listen in on communications.
"Organisations should change their security policies and procedures immediately," says Ken Munro, managing director of SecureTest. "This is a very real loophole that needs closing. The government needs to act fast."
What's really interesting is that the article goes on to show no proof that this is indeed a very real loophole that needs closing. They site no cases of any backdoors in any current routers sold from China. I will give Ken Munro and SecureTest this, I do believe that a Chinese company could build a backdoor into router firmware. I also believe U.S. companies, French companies, Japanese companies, etc. could do this. In fact, this could be put into any software or hardware that we buy. Actually, one could make the case that by providing such weak protections out of the box (like username=admin password=admin for administrative consoles), many companies already are including backdoors in their routers.
Unfortunately for SecureTest, and the Chinese people, the article is portrayed as if they've already discovered a router that has a backdoor made by the Chinese, which I do not believe was Ken's point. One would've thought that with the Beijing Olympics fast approaching, we would've been able to move past the views of McCarthyism and the Red Scare (see the image right in case you can't remember history class).
My point is this, when it comes to hacking and the security of our nation, there's very real threats that currently exist coming from China. Let's not sensationalize and invent new ones until we have to, or else we could have our next hunt for Weapons of Mass Destruction.