Cisco, Snowden, Canberra and Hacking…. Has Australia’s Parliament House been bugged?

By Kate Doak.

Over the past couple of weeks since Edward Snowden started making accusations against the US Intelligence community as a whistleblower, there’s been a lot of focus on the level of engagement that IT companies such as Google, Skype, Microsoft, Apple and Yahoo have with the more clandestine elements of the US government.

The NSA leaker, Edward Snowden, pictured in a hotel reportedly within Hong Kong. Photograph: The Guardian

But while there’s been a lot of public and media focus on these companies, there’s been next to no focus on the network infrastructure companies that provide the backbone hardware that actually allows the Internet and other modern telecommunications systems to work. From Nokia Siemens Networks through to Huawei and Cisco, there have been a lot of security and surveillance concerns raised over recent months, particularly about Cisco, which has had major problems with phone and network hacking over recent years.

Now since Snowden’s story broke, there’s been a lot of talk about the NSA’s hacking of universities within Hong Kong and the potential information that they’ve been able to retrieve. As a quick analysis of the Chinese University of Hong Kong’s corporate agreements shows, Cisco is a key strategic partner within Hong Kong’s entire telecommunications network.

Now as Synergy Research Group recently stated, Cisco currently holds the lion’s share of the network infrastructure market worldwide.  Between network Switches/Hubs, VoIP, UC Apps, Routers, Wireless and Telepresence, they are undoubtedly currently the dominant force when it comes to network infrastructure and development in the digital age. With market dominance in these areas ranging from 27% to 70% though, this can result in some pretty major security problems depending on how Cisco design and update their products.

This in turn is where the Columbia University Intrusion Detection Systems Lab comes in, along with their resident Cisco specialist, Ang Cui.

From 2009 onwards, Ang Cui has exposed some pretty extensive flaws within Cisco’s phone and networking products, as well as the operating systems and source code found within them. From using a Cisco telephone as an entry-point for a network-wide attack through to turning a handset microphone into an audio surveillance bug, Ang Cui has shown that both new and old Cisco products can have some pretty spectacular and nefarious applications when it comes to industrial, corporate and governmental espionage.

Now as the above video shows, it is pretty easy for a government agency or other organisation to hack Cisco equipment for intelligence gathering purposes. While Cisco has started to roll out patches for some of these problems, more often than not they are doing so years after particular vulnerabilities have been identified.  While it is still yet to be seen if these patches will have any discernible long-term influence on the security of Cisco products, the fact that IP phones are essentially a computer with a microphone and speaker attached means that they are just as susceptible to hacking as any other computerised device.

Now given the prominence of Cisco technology worldwide, it’s more than likely that “PRISM” and other intelligence programs have been using backdoor entrances such as those referenced above (and hardwired default Cisco usernames and passwords, amongst others) to gain access to various networks and offices worldwide. Given that Cisco technology can be found everywhere from Australian Parliament House and President Obama’s desk in the Oval Office through to the network infrastructure of the various universities within Hong Kong, such intelligence gathering opportunities would have to be deeply appealing to various individuals and organisations worldwide.

President Obama preparing his announcement of the death of Osama Bin Laden. Cisco phone is furthest phone on desk from the camera – Official White House Photo by Pete Souza

Needless to say, even against allies such technological capabilities would have to be of use to the US Government, given that knowing what proposals are going to arise within foreign conferences and the like would give them the upper hand in any form of negotiation going forward. As we’ve seen over recent days with the hacking scandal surrounding the UK’s Secret Intelligence Service, such real-time intelligence can have an enormous influence on the global economy and foreign relations, therefore making the gathering of such information extremely desirable.

Now from an Australian perspective, it’s important that we keep a close eye on our own reliance upon foreign telecommunications products, both within governmental organisations and in the corporate world. As a quick perusal of the public photos and videos of the Prime Minister’s Office shows, both a Cisco phone and an L-3 encrypted phone appear to be present in the background of her office. On top of that, Cisco has been heavily involved with Telstra in regard to the rollout of governmental “Telepresence” suites nationwide, while also securing key monitoring and development contracts with the NBN over the past few years.

Consequently, you’ve got to wonder whether or not such teleconferencing suites and desktop phones present throughout the senior levels of the Australian Government are a blessing or a curse, given that they could potentially be compromised by a kid with a cord, smartphone and Bluetooth connection as shown in the Columbia University videos above, and that Cisco hasn’t been adequately addressing legitimate security concerns from respectable organisations. Furthermore, as Telstra Business Digital has been rolling out a lot of Cisco equipment recently for their business customers, you’ve got to wonder how patches and other preventative measures are going to be rolled out across the nation within the foreseeable future, in order to counter potential employee monitoring and industrial espionage.

Furthermore, given that Cisco is claiming that its Chinese competitor Huawei stole its source code, the same concerns that have been raised about Huawei within the NBN procurement process must also be applied to Cisco, if their claims are to be believed.

So while Snowden has undoubtedly broken US laws as a result of his whistleblowing, it’s questionable as to whether or not he should be branded a traitor for his actions or even prosecuted, for that matter. By highlighting the fact that telecommunications security worldwide is a matter of major concern and that it has been used for nefarious (and possibly extremely illegal) activities, Snowden has probably done the US public a favour by showing just how complex the telecommunications and intelligence communities have become. Unlike Manning and Assange, who released documents en masse, Snowden’s notification that foreign universities which utilise Cisco network infrastructure have been hacked by US officials and contractors highlights significant and illegal actions under US and international law, without putting potential human intelligence sources at risk. Also, if the US Government has been ordering hacking into both US and foreign organisations using Cisco infrastructure and other methods, then anyone who’s been convicted of hacking or improper use of an official computer could challenge the validity of their own charges in court, if PRISM and other such programs are found to have been illegal.

Given the number of people moving in and out of government employment in the US, the high focus of attention on US citizens and residents by certain government agencies, not to mention the booming demand for new technologies and resources, Snowden’s whistleblowing will probably help the US economy long-term, by making company executives focus more attention on the security of their research and internal communications networks. Given their prominence in the IT industry, that problem and consequently its solution falls largely in the hands of Cisco.

Needless to say, you should never shoot a messenger with potentially a gift horse in the mouth, before you’ve at least heard what they’ve got to say.