Cisco Investigates NSA Backdoor Security Hole Claims

Is Cisco Systems ready to battle the NSA over cloud and enterprise IT spying activities? An article in Der Spiegel provided details on how the National Security Agency (NSA) Tailored Access Operations (TAO) has exploited the weaknesses of IT products. Mentioned in the article is Cisco Systems, which is now "deeply concerned" about the impact on customers' networks.

Chris Talbot

December 31, 2013

2 Min Read
John Stewart senior VP and chief security officer at Cisco reacted swiftly to potential NSA spying activities
John Stewart, senior VP and chief security officer at Cisco, reacted swiftly to potential NSA spying activities.

It must be somewhat disconcerting to wake up one morning and find yourself mentioned in a magazine article stating the National Security Agency (NSA) Tailored Access Operations (TAO) organization has possibly created backdoors into your company's products. That's what happened to Cisco Systems (CSCO) this weekend following the publication of article in Germany's Der Spiegel magazine.

According to the article, the NSA TAO expoited technical weaknesses in the IT products of various vendors. Cisco was specifically mentioned, and the company has jumped into action by putting its Cisco Product Security Incident Response Team (PSIRT) on the case. The team has opened an investigation into the claims, and Cisco is trying to keep its customers and partners up to date on its findings.

John Stewart, senior VP and chief security officer for threat response, intelligence and development at Cisco, wrote in a blog post that Cisco is "deeply concerned with anything that may impact the integrity of our products or our customers’ networks and continue to seek additional information."

Cisco prides itself on its high level of security in its networking products, and an exploit that allowed the NSA into its products through a backdoor could pose several challenges to the company, its partners and its customers. With such claims out there, one has to wonder what the federal security agency exactly has access to and what it is currently able to do. That's an unknown, of course.

For partners, it could open up several questions about Cisco's security that they may not be able to answer sufficiently to put their customers' fears to rest.

Stewart is trying to make assurances to all stakeholders right now.

"As we have stated prior, and communicated to Der Spiegel, we do not work with any government to weaken our products for exploitation, nor to implement any so-called security ‘back doors’ in our products," he wrote.

Read more about:

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like