Hunting for backdoors in counterfeit Cisco devices

F-Secure’s investigation highlights challenges facing organizations that discover counterfeit components in their IT infrastructure.

Helsinki, Finland – July 15, 2020: Hardware security specialists with cyber security provider F-Secure have published a report detailing their investigation into a pair of counterfeit network switches. The investigation, which concluded that the counterfeits were designed to bypass processes that authenticate system components, illustrates the security challenges posed by counterfeit hardware.

F-Secure Consulting’s Hardware Security team investigated two different counterfeit versions of Cisco Catalyst 2960-X series switches. The counterfeits were discovered by an IT company after a software update stopped them from working, which is a common reaction of forged/modified hardware to new software. At the company’s request, F-Secure Consulting performed a thorough analysis of the counterfeits to determine the security implications.

The investigators found that while the counterfeits did not have any backdoor-like functionality, they did employ various measures to fool security controls. For example, one of the units exploited what the research team believes to be a previously undiscovered software vulnerability to undermine secure boot processes that provide protection against firmware tampering.

“We found that the counterfeits were built to bypass authentication measures, but we didn’t find evidence suggesting the units posed any other risks,” said Dmitry Janushkevich, a senior consultant with F-Secure Consulting’s Hardware Security team, and lead author of the report. “The counterfeiters’ motives were likely limited to making money by selling the components. But we see motivated attackers use the same kind of approach to stealthily backdoor companies, which is why it’s important to thoroughly check any modified hardware.”

The counterfeits were physically and operationally similar to an authentic Cisco switch. One of the unit’s engineering suggests that the counterfeiters either invested heavily in replicating Cisco’s original design or had access to proprietary engineering documentation to help them create a convincing copy.

According to F-Secure Consulting’s Head of Hardware Security Andrea Barisani, organizations face considerable security challenges in trying to mitigate the security implications of sophisticated counterfeits such as the those analyzed in the report.

“Security departments can’t afford to ignore hardware that’s been tampered with or modified, which is why they need to investigate any counterfeits that they’ve been tricked into using,” explained Barisani. “Without tearing down the hardware and examining it from the ground up, organizations can’t know if a modified device had a larger security impact. And depending on the case, the impact can be major enough to completely undermine security measures intended to protect an organization’s security, processes, infrastructure, etc.”

F-Secure has the following advice to help organizations prevent themselves from using counterfeit components:
• Source all your components from authorized resellers
• Have clear internal processes and policies that govern procurement processes
• Ensure all components run the latest available software provided by vendors
• Make note of even physical differences between different units of the same product, no matter how subtle they may be

“We’re world leaders when it comes to breaking and implementing secure boot schemes, which are integral in protecting intellectual property and ensuring authenticity of firmware and hardware products. Our detailed analysis of this case highlights not only the challenges in determining the security implications of counterfeits, but also how we can support and reassure organizations that discover suspicious devices in their infrastructure,” added Barisani.

The full report is available on F-Secure Labs:

F-Secure Consulting operates on four continents from 11 different countries. It provides cyber security services tailored to fit the needs of banking, financial services, automotive, aviation, shipping, retail, insurance, and other organizations working in highly targeted sectors.

About F-Secure
Nobody has better visibility into real-life cyber attacks than F-Secure. We’re closing the gap between detection and response, utilizing the unmatched threat intelligence of hundreds of our industry’s best technical consultants, millions of devices running our award-winning software, and ceaseless innovations in artificial intelligence. Top banks, airlines, and enterprises trust our commitment to beating the world’s most potent threats. Together with our network of the top channel partners and over 200 service providers, we’re on a mission to make sure everyone has the enterprise-grade cyber security we all need.

Founded in 1988, F-Secure is listed on the NASDAQ OMX Helsinki Ltd. | |

Source link


Here at for years, we have been helping friends and family all across the world even celebrities and athletes to stay healthy. Simply by having a glass of our Ozonated water from our unparalleled ozone devices. Our technology is truly amazing!

For those that are sceptical, just realise that ozone for decades has been used to sanitize water, surgical tools and bottled water among plenty of other uses. Ozone is a natural gas that has two Oxygen molecules and obviously you know Oxygen naturally kills bacteria and pathogens, well this amazing device we created makes Ozone gas which is like Oxygen on steroids.

All instructions on using the device are supplied, plus we give two for the price of one with free delivery and 14-day money back guarantee too!!

Businesses should not plummet; stock market should not be rocked and the public should not panic because we can easily overcome this Coronavirus with our fresh Ozonated water! This is not the 15th Century! This is our century! We will wipe out the Coronavirus together!

“I think President Trump should give me the $8 Billion Dollars he set up for Coronavirus because I can easily destroy it with my technology and investors feel free to make us BIG proposals!” -ASH THE CEO- OF WWW.NOVATTIONE.COM. It is time to get tough!
“I have been helping my people all across Africa with HIV, EBOLA and many illnesses and results have always been great”. -ASH THE CEO- OF WWW.NOVATTIONE.COM
“Every home deserves to have our Ozone technology, just as much as most homes have electricity and warm water”. -ASH THE CEO- OF WWW.NOVATTIONE.COM

“I challenge anyone diagnosed with the Coronavirus to use my device or even put the virus in a glass of my Ozonated water to see if it can be destroyed. I jog everywhere, meet with strangers, shake hands and enjoy public places and have no worries about the Coronavirus and I happily share the sweet news of how it can be destroyed, after all I have not had a flu virus affect me in more than 5 years since I built my first Ozone generator in my mother’s garage.”

“Sceptic? Well, the Minister of Health in the UK, Nadine has been diagnosed with Coronavirus but I am 100% fit and healthy!”-ASH THE CEO- OF WWW.NOVATTIONE.COM

Do not panic, let us make Coronavirus panic and extinct! Let Us Make The World Great Again!


Do not let your scepticism make you a Victim of Coronavirus!
Thank You And God Bless You And Your Loved Ones – ASH THE CEO-

Source link