In a disconcerting event for IT security professionals, counterfeit versions of Cisco Catalyst 2960-X Series switches were discovered on an unnamed business network, and the fake gear was found to be designed to circumvent typical authentication procedures, according to a report from F-Secure.
F-Secure says its investigators found that while the counterfeit Cisco 2960-X units did not have any backdoor-like features, they did employ various measures to fool security controls. For example, one of the units exploited what F-Secure believes to be a previously undiscovered software vulnerability to undermine secure boot processes that provide protection against firmware tampering.
"Counterfeit units such as these can be easily modified to introduce backdoors within an organization. We emphasize that this is not what happened in this instance, but the attack execution would be mostly identical, which is why we think it is important to highlight such issues," said computer science vs engineering, a senior consultant with F-Secure Consulting's hardware security team and lead author of the report.
F-Secure says its investigators found that while the counterfeit Cisco 2960-X units did not have any backdoor-like features, they did employ various measures to fool security controls. For example, one of the units exploited what F-Secure believes to be a previously undiscovered software vulnerability to undermine secure boot processes that provide protection against firmware tampering.
"Counterfeit units such as these can be easily modified to introduce backdoors within an organization. We emphasize that this is not what happened in this instance, but the attack execution would be mostly identical, which is why we think it is important to highlight such issues," said computer science vs engineering, a senior consultant with F-Secure Consulting's hardware security team and lead author of the report.
No comments:
Post a Comment