Cisco takes US govt to task over tampering with US comms hardware exports

15 May 2014

Revelations that the NSA had been secretly intercepting US communications hardware exports to install spying tools don’t sit well with one of Silicon Valley’s biggest tech giants and the company that helped build the internet, Cisco.

In what has to be a case of breathtaking hypocrisy, it was revealed that after blocking Chinese imports of communications hardware into the US on the grounds of potential spy threats, the US government’s intelligence agency, the National Security Agency (NSA), had been doing precisely that.

A House Intelligence Committee claimed ZTE and Huawei were enabling Chinese state surveillance despite having no actual evidence to back this up, forcing the manufacturers to abandon the US market.

The Guardian journalist Glenn Greenwald, who broke the story on former CIA contractor Edward Snowden’s defection from the US, in his new book No Place to Hide, revealed the NSA had been intercepting hardware exports from US communications manufacturers such as Cisco, removing the factory seal, installing their own spying tools, and restoring the factory seal before the hardware left the US.

Cisco, the company that pretty much built the internet as we know it, has expressed its contempt for these actions and said the US has overreached its brief and undermined the goals of free communication.

“Confidence in the open, global internet has brought enormous economic benefits to the United States and to billions around the world,” said Mark Chandler, Cisco’s legal counsel.  

“This confidence has been eroded by revelations of government surveillance, by efforts of the US government to force US companies to provide access to communications of non-US citizens even when that violates the privacy laws of countries where US companies do business, and allegations that governments exploit rather than report security vulnerabilities in products.”

The value of trust

Chandler said that as a matter of policy and practice, Cisco does not work with any government, including the US government, to weaken its products.

“When we learn of a security vulnerability, we respond by validating it, informing our customers, and fixing it. 

“We react the same when we find that a customer’s security has been impacted by external forces, regardless of what country or form of government or how that security breach occurred. We offer customers robust tools to defend their environments against attack, and detect attacks when they are happening. By doing these things, we have built and maintained our customers’ trust.

“We expect our government to value and respect this trust.”

In December, eight technology companies expressed concern to US President Barack Obama that the US government’s surveillance efforts as revealed by Snowden were harmful.

Chandler added that Cisco complies with US laws, like those of many other countries, which limit exports to certain customers and destinations.

“We ought to be able to count on the government to then not interfere with the lawful delivery of our products in the form in which we have manufactured them,” Chandler said.  

“To do otherwise, and to violate legitimate privacy rights of individuals and institutions around the world, undermines confidence in our industry.”

Security image via Shutterstock

John Kennedy is a journalist who served as editor of Silicon Republic for 17 years