Fake Cisco kit may contain malware

Marketing counterfeit Cisco equipment is not breaking news by any means, as it has been an ongoing problem for Cisco and its resellers for years now. But having malware hidden in the firmware may be.

Marketing counterfeit Cisco equipment is not breaking news by any means, as it has been an ongoing problem for Cisco and its resellers for years now. As evidence, check out this article for NetworkWorld by Brad Reese, “Giant counterfeit Cisco sale on eBay”. The equipment must be a pretty good imitation of the real thing; ironically, experts say that the first indication of the product being counterfeit is the price. The magnitude of this counterfeit activity can be seen in this recent article by InfoWorld, “Counterfeit Cisco gear seized by U.S., Canadian agencies”.

The article also points out that several U.S. governmental organizations have purchased counterfeit Cisco products:

On Jan. 4, a grand jury in U.S. District Court for the Southern District of Texas indicted Michael Edman, 36, and his brother Robert Edman, 28, for trafficking in counterfeit Cisco products. The indictment alleges that the Edmans purchased and imported the counterfeit computer network hardware from an individual in China, then selling the products to retailers across the U.S. The Edmans shipped some of the counterfeit hardware directly to the U.S. Marine Corps, Air Force, Federal Aviation Administration, FBI, defense contractors, universities and financial institutions, according to the indictment. These organizations had purchased the product from a computer retailer serving as a middleman, which in turn purchased the products from the Edmans.

This is where it may get scary, or it could be sensationalism; only time will tell (sorry for the cliché). Long-time nemesis and watchdog of Cisco, SecureTest, is claiming that the counterfeit Cisco equipment may contain malware:

Government and communications networks could be infected with malicious firmware imported from far eastern markets such as China, according to independent security penetration consultancy, SecureTest. Unlike current malware, machine level hardware such as the chipsets used in routers and switches and other computer devices are rarely tested and may already have established back doors in communications systems across the country.


Not sure what kind of conclusions can be drawn yet. It is definitely food for thought. Governmental organizations and enterprise-sized corporations more than likely will instigate comprehensive inspection procedures on their supply chains. SecureTest may be crying wolf, but it is not hard to see how easily this could circumvent any network security measures, allowing parties in the know access to national or trade secrets.

About Michael Kassner

Information is my field...Writing is my passion...Coupling the two is my mission.
