FBI: Counterfeit Cisco routers risk "IT subversion"

By | May 12, 2008, 6:05pm PDT

An internal Federal Bureau of Investigation presentation states that counterfeit Cisco routers imported from China may cause unexpected failures in American networks. The equipment could also leave secure systems open to attack through hidden backdoors. The scope of the problem is broad and results from a complicated supply chain originating in Shenzhen.

From a narrow project failures perspective, network problems caused by this equipment should be treated as any other hardware malfunction. Of course, the entire concept of third parties using compromised hardware to infiltrate public and private systems in the United States is another matter entirely.

Faulty networking hardware can be a nightmare to troubleshoot and fix. For example, the U.S. Customs and Border Protection (CBP) location at Los Angeles Airport (LAX) suffered a failed router last year; the problem delayed 20,000 passengers before technicians successfully isolated and repaired the issue.

The following slides, pulled from the larger presentation, indicate how seriously the FBI is taking this threat to national security.

[Slides 1 to 13 from the FBI presentation: Counterfeit Cisco routers risk “IT subversion” and failure]

Michael Krigsman is a recognized authority on the causes and prevention of IT failures.

Talkback Most Recent of 79 Talkback(s)

  • Possible red flag...
    Counterfeit Router: $234
    Genuine Router: $1375
    Government officials not realizing there MIGHT be something wrong with an 80% discount?

    PRICELESS!

    So, none of that raised a red flag for anyone? Things that make ya go "hmmmmm".
    MGP2
    12th May 2008
  • ZDNet Blogger

    Excellent catch
    What do they say about something being too good to be true?
    mkrigsman@...
    12th May 2008
  • Government purchases always get special treatment.
    Sometimes government agencies get very special deals, even directly from the manufacturer for equipment. Yes, even 80% differences are not uncommon. Extreme price differences can swing both ways though, so it's not hard to believe this problem can happen very easily and go uncaught.
    Narg
    13th May 2008
  • Government purchases always get special treatment
    I'm with Scott. Not only are 80% discounts common but, when it reaches accounts payable there may not be enough information on the purchase order, and they may buy multiple routers simultaneously, so they wouldn't necessarily see that something is out of whack.
    That's why it's up to IT to recognize the fake from the real routers.

    Orpheuse
    Orpheuse
    13th May 2008
  • Is this not a terrible own goal?
    You've got to hope that the security agencies have got this right, perhaps by perusing the code, and can justify this.

    Otherwise, isn't it likely to kick off a backlash against US products, the biggest target being my *favourite* company?
    fr0thy2
    15th May 2008
  • Of course they do realize that...
    and they write $1375 on the budget, they buy the damn thing for $234 and they put the difference in some hidden account somewhere in the cayman islands...

    why should they raise a red flag if they are profiting from it? do you still believe in santa claus?
    LucasKorso
    13th May 2008
  • Well....
    If they're gonna carry out this:

    http://government.zdnet.com/?p=3807

    They're gonna need some quality hardware to deliver the DDoS.
    MGP2
    13th May 2008
  • Probably never knew
    My guess would be the supplier bought the crap routers, yet charged the government the full retail price for the good routers. The government should eliminate the middle-man, and deal directly with Cisco (or any other manufacturer for that matter) for sensitive, system critical equipment.
    bigsibling
    13th May 2008
  • Outsourcing IT
    Easier to eliminate the middle-man when the people running the IT departments aren't actually Northrop-Grumman employees, or subcontractors for them who are doing the purchasing.

    We have, in the name of small government, made government a tangled web of complexity and almost nothing but middle-men.
    Red_Beard
    13th May 2008
  • have your cake and eat it too
    we want to restrict government growth so folks oppose big government, that means outsourcing. we want to restrict government spending so we require bidding and lowest bidder wins. You get the government you deserve. If you're bashing the government for this you're looking in the wrong place, try the mirror.

    btw PLA (People's Liberation Army) is reportedly running a botnet of their own, rumored to be the one called "storm". If they can start using all our routers as part of it, where will that leave us?
    bruce_mcculley@...
    14th May 2008
  • China is an enemy
    China is a communist government whose goal is world domination. We had better worry about any electronics, counterfeit or not, that are going to be installed in network infrastructure.
    China knows we cannot be defeated militarily but if they can wreck the military and country's data networking we can easily be defeated.
    Cheap goods carry a high price.
    High Plains
    13th May 2008
  • Military Dominance
    Our Military dominance, accurately identified, relies heavily on technology. If that technology is suspect, we have a serious problem.

    In a ground war against China, we would lose. This is not a debatable point. If we _can_ rely on advanced technology, we would stand a chance, but only just.

    Our military is not a mighty behemoth, but a professional military that is currently spread very thin.

    Now that I have stated the obvious, what may not be obvious is whether or not China needs us to stay stable. While we are stable, we supply them with cash. When we falter and the value of the dollar drops, they lose their value in their holdings (American debt). They would be wise to both diversify, and help America become strong. If you look closely, they are trying to do both.

    China is both a friend and foe. All countries, by their nature are bi-polar.
    Red_Beard
    13th May 2008
  • Closer to reality...
    China couldn't take the economic hit that a destabilized US would do to them. If they thought the cultural revolution was radical, they won't know the half of it when the capitalist revolution hits after a debacle like that!
    JCitizen
    13th May 2008
  • Re: Military Dominance
    >China is both a friend and foe. All countries, by their nature are bi-polar.

    And few countries are as comfortable with that "bi-polar" position as China is;)
    mejohnsn
    25th May 2008
  • Everybody is an enemy whose goal is world domination
    to a paranoid whose goal is world domination.
    fr0thy2
    15th May 2008
