March 6th, 2008
Router Backdoors: Hacked by Chinese Part 2?
We all remember Code Red, right? Come on, you know you were hit with it… OK, here’s an image just in case you forgot:

PCPro News out of the UK has written a story that I classify as xenophobic and unfair. PCPro spoke with the SecureTest company who asserted the following:
SecureTest believes spyware could be easily built into Asian-manufactured devices such as switches and routers, providing a simple backdoor for companies or governments in the Far East to listen in on communications.
“Organisations should change their security policies and procedures immediately,” says Ken Munro, managing director of SecureTest. “This is a very real loophole that needs closing. The government needs to act fast.”
What’s really interesting is that the article goes on to show no proof that this is indeed a very real loophole that needs closing. They cite no cases of any backdoors in any current routers sold from China. I will give Ken Munro and SecureTest this: I do believe that a Chinese company could build a backdoor into router firmware. I also believe U.S. companies, French companies, Japanese companies, etc. could do this. In fact, this could be put into any software or hardware that we buy. Actually, one could make the case that by providing such weak protections out of the box (like username=admin password=admin for administrative consoles), many companies already are including backdoors in their routers.
Unfortunately for SecureTest, and the Chinese people, the article is written as if they’ve already discovered a router that has a backdoor made by the Chinese, which I do not believe was Ken’s point. One would’ve thought that with the Beijing Olympics fast approaching, we would’ve been able to move past the views of McCarthyism and the Red Scare (see the image at right in case you can’t remember history class).
My point is this: when it comes to hacking and the security of our nation, there are very real threats that currently exist coming from China. Let’s not sensationalize and invent new ones until we have to, or else we could have our next hunt for Weapons of Mass Destruction.

Nathan McFeters is a Senior Security Advisor for Ernst & Young's Advanced Security Center in Chicago. The views and opinions expressed in this article are his own and do not represent the views and opinions of Ernst & Young Advanced Security Center or Ernst & Young, LLP. Nathan has performed web application, deep source code, Internet, Intranet, wireless, dial-up, and social engineering engagements for numerous clients in the Fortune 500 during his career at Ernst & Young and has spoken at a number of prestigious conferences, including Black Hat, DEFCON, ToorCon, and Hack in the Box. He can be found at his Pwn* blog and XS-Sniper, a blog with Billy Rios. See his full profile and disclosure of his industry affiliations.








