According to Glenn Greenwald, who seemingly quotes himself in his own titles, the NSA has routinely been intercepting US-based networking hardware bound for countries abroad. While Glenn Greenwald doesn’t specifically implicate any networking companies, it would be safe to assume that companies like Cisco, Juniper, Brocade, Dell, HP and many more. This is in the face of the fact that the US government had been criticizing the use of Huawei networking hardware due to the beliefs that the Chinese would be presenting a security risk to the US. They essentially claimed that Huawei was bugging their networking equipment for the Chinese government and that their routers weren’t safe, meanwhile the NSA was doing exactly what the US was accusing the Chinese of doing.
Glenn Greenwald states that this is among many other revelations in his new book due out tomorrow, called No Place to Hide which chronicles Edward Snowden, the NSA, and the U.S. Surveillance State. It is a bit curious that he would release such news from Edward Snowden a day before his book’s release and alluding to the fact that there would be more details buried within his book. A lot of people are going to look at this as an obvious money grab and are going to question his motives and whether he’s doing all of this to personally enrich himself. While he doesn’t address this in his interview with GQ directly, he clearly has a lot to say about a multitude of topics, including Edward Snowden himself. This is in addition to having left The Guardian, the publication that had originally helped him run all of the Snowden documents and gain worldwide attention to the US’ vast surveillance apparatus to start The Intercept.
So, How does the NSA do it? Well, according to a 2010 NSA document obtained by Glenn Greenwald, they would receive (intercept) routers, servers and other computer networking devices planned on being exported from the US before they were to be delivered to their final international destination. The NSA’s secret division would then implant backdoor surveillance tools and repackage the hardware with a factory seal and send them on their way. The NSA would then be able to gain access to those companies’ networks and all of their users and possibly data through these backdoors. He even states that the NSA document gleefully states that, “SIGINT tradecraft … is very hands-on (literally!),” clearly alluding to their physical tampering with hardware. Eventually, the bugged hardware connects back to the NSA and provides them with the data they want. The report continues, “In one recent case, after several months a beacon implanted through supply-chain interdiction called back to the NSA covert infrastructure. This call back provided us access to further exploit the device and survey the network.”
Clearly, the NSA has a very detailed and well-established structure for these activities and likely has been doing so for quite some time. The NSA are probably much more careful about how they do things nowadays with all of the attention drawn to them because of the Snowden disclosures, but it would be foolish to assume they’ve stopped.
If you’re interested in getting Glenn Greenwald’s book, I recommend you head over here.