December 1st, 2008
IT expert executed in Iran
Following Pakistan’s recently introduced “Prevention of Electronic Crimes Ordinance 2008” according to which potential cyberterrorists would face the death penalty, a neighboring country, Iran, has recently executed an IT expert who confessed of being an Israeli spy for at least three years. After being recruited by Mossad during a business trip, Ali Ashtari, a trusted supplier of electronic and military equipment for the Iranian government, was allowing Israeli intelligence agents to backdoor the equipment he would later on install in Iranian military and government centers.
“Behind their backs he allowed the software he bought to be subtly doctored by Israeli computer engineers before it was imported to Iran. Ashtari confessed: “Mossad’s goal was to sell specialised computer equipment through me to Iranian intelligence organisations.” Ashtari revealed how he communicated with his Israeli controllers: “I received a laptop with encrypted software for fast e-mail communication,” he said. “They asked me to install bugging devices in the communications equipment I provided to my clients.””
Once the physical security of the devices has been compromised, anything from remote control capabilities to scheduled malfunctioning through logic bombs could have been integrated within. Despite the fact that they wanted him to give a portable satellite Internet device to the Iranian government, it still remains unknown to what extend and what type of backdoored equipment he has already introduced on behalf of the foreign agents.
The concept of backdooring hardware is nothing new, take for instance such proof of concepts like the Illinois Malicious Processors (IMPs) allowing high level access to a system running the backdoored hardware. In fact, the potential for damage and espionage activities is so realistic, that in a leaked FBI presentation entitled “Cisco Routers” the agency assesses the risks posed by counterfeit Cisco routers somehow making it into the critical infrastructure network.
The weakest link? It’s the subcontracting process.
Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response. He's been an active security blogger since 2007, and maintains a popular security blog. See his full profile and disclosure of his industry affiliations.
Subscribe to Zero Day via Email alerts or RSS.
