US-made routers and servers shipped to customers abroad may contain backdoor software installed by the National Security Agency (NSA), says a new article by Glenn Greenwald, the Brazil-based journalist who facilitated the public release of sensitive surveillance files by Edward Snowden.
The story, published in The Guardian, is an excerpt from Greenwald’s new book No Place to Hide, released May 13.
Greenwald claims that the NSA has admitted that it has intercepted servers, routers and other network equipment being shipped out of the country, installing backdoor surveillance software before shipping the products on to their customers in other countries.
Greenwald begins by quoting the fears of US politicians that Chinese telecommunications equipment manufacturers, notably Huawei and ZTE, have been installing surveillance technology in their devices before shipping them to the US and elsewhere.
“But while American companies were being warned away from supposedly untrustworthy Chinese routers, foreign organizations would have been well advised to beware of American-made ones,” Greewald writes.
“A June 2010 report from the head of the NSA’s Access and Target Development department is shockingly explicit. The NSA routinely receives – or intercepts – routers, servers and other computer network devices being exported from the US before they are delivered to the international customers.”
Greenwald says the NSA report is quite open in disclosing that it installs the backdoor technology, which he says gives the agency access to foreign networks and their users when that technology connects back to the NSA.
Greewald quotes the NSA report; “In one recent case, after several months a beacon implanted through supply-chain interdiction called back to the NSA covert infrastructure. This call back provided us access to further exploit the device and survey the network.”
“It is quite possible that Chinese firms are implanting surveillance mechanisms in their network devices,” Greenwald writes. “But the US is certainly doing the same.”
The story was reported in a number of outlets, including TechCrunch, which contacted the NSA for comment. The NSA’s response included the following.
“The United States pursues its intelligence mission with care to ensure that innocent users of those same technologies are not affected… NSA’s activities are focused and specifically deployed against – and only against – valid foreign intelligence targets in response to intelligence requirements. We are not going to comment on specific, alleged foreign intelligence activities.”