[c-nsp] Fake Cisco Equipment News Articles - very interesting

Tue May 13 02:51:20 EDT 2008

Ted Mittelstaedt wrote:

> After the initial reaction of laughing, I have this to say about it.
> 
> It is clearly rediculous that Chinese crackers are going to steal
> national security secrets by using counterfeit WIC-1DSU-T1 cards.
> I think the majority of counterfeit gear they picked up was probably
> along those lines.
> 
> It is a bit more of a national security concern when the counterfeit
> gear is firewalls.

I think that the intent of the counterfeiters is purely financial gain, 
not espionage.  The only reason we aren't seeing counterfeit firewalls 
is that the volume of ASAs vs. WICs and 17xx routers is too low to make 
it profitable.

> I am mostly concerned with the following, however:
> 
> 1) Purchase of networking equipment on credit cards rather than through
> the authorized government purchasing system.
> 
> 2) Counterfeit gear getting into the government offices through the
> regular distributors.
> 
> In case #1, that is clearly the case of network admins getting denied
> approval for a project and saying "fuck you" and going ahead with it
> anyway.  

Not necessarily.  Quite often there is a need for government agencies to 
use official credit cards for such purchases outside of the normal 
procurement channels.  USDA Forest Service procuring gear for deployment 
at a fire camp, FEMA in a disaster area, even such things as WH 
Communications agency needing a setup for a Presidential trip to a small 
town often don't allow for the standard GSA procurements with the red 
tape involved, etc.  After the fire or emergency, the equipment winds up 
in the agency's inventory.

> In case #2, the middlemen/distributors/etc. that the government normally
> is buying from are selling Chinese counterfeit stuff for full price.
> Thus, they are buying the counterfeit gear for pennies and selling it
> for millions, and making a killing doing so.  Well, the FBI discovered it,
> where are the stories of such distributors getting arrested for fraud?
 >
> All in all, a very disturbing article.  Not about the counterfeiting -
> we all know it happens.  But the fact that the stuff got into the
> government networks in the first place.

The distributors may be victims as well, it could be a crooked delivery 
driver or stock clerk.  We have been burned with counterfeit WICs 
shipped direct from a very large nationwide official Cisco distributor 
(initials I.M.) ordered from Cisco.  Or the switch could have happened 
in China, where the real Cisco gear is also manufactured, perhaps in the 
same factory during the day shift.

--
Jay Hennigan - CCIE #7880 - Network Engineering - jay at impulse.net
Impulse Internet Service  -  http://www.impulse.net/
Your local telephone and internet company - 805 884-6323 - WB6RDV