Federal Authorities Have Seized More Than $143 Million USD Of Fake Network Equipment

What a surprise, another quiet weekend – nothing much has been going on apart from the big furore about Facebook privacy – which frankly has been discussed to death.

Other than that, 2 critical patches are expected in the next Microsoft patch Tuesday – info here and here.

One story which I did find interesting was about fake networking gear, mostly Cisco, which the Feds have been seizing for the past 5 years under Operation Network Raider – with more than 700 seizures and 30 felony convictions, that sure is a lot of dodgy gear out there!

Federal authorities over the past five years have seized more than $143m worth of counterfeit Cisco hardware and labels in a coordinated operation that’s netted more than 700 seizures and 30 felony convictions, the Justice Department said Thursday.

Operation Network Raider is an enforcement initiative involving the FBI, Immigration and Customs Enforcement and Customs and Border Protection agencies working to crack down on the bogus routers, switches and other networking gear. In addition to costing Cisco and other US businesses millions of dollars, the scams could threaten national security by infusing critical networks with gear that’s unreliable or, worse, riddled with backdoors.

As part of the operation, Ehab Ashoor, 49, a Saudi citizen residing in Sugarland, Texas, was sentenced this week to 51 months in prison and ordered to pay Cisco $119,400 in restitution after being found guilty of trying to sell counterfeit gear to the US Department of Defense. In 2008, he attempted to traffic 100 gigabit interface converters that were bought in China and contained labels fraudulently indicating they were genuine Cisco equipment, according to court documents. The kit was to be used by the US Marine Corps for communications in Iraq.

The scary part for me is not that this stuff is out there, but that it is being sold to the US government! Especially that some was destined to be used by the US Military in Iraq. Now with the relations between China and the US the conspiracy theorists could come up with some interesting thoughts on this.

The sentences handed out are pretty stiff though with 51 months in prison, even though I guess it’ll be some cushy white-collar prison and not some hardcore federal penitentiary.

In January, 33-year-old Chinese resident Yongcai Li was ordered to serve 30 months in prison and pay restitution of $790,683 for trafficking counterfeit Cisco gear, officials said.

The prospect that government and business networks may have deployed bogus gear has raised national security concerns, since much of the counterfeit equipment originates in China. Similar espionage fears were raised by research from University of Illinois researchers, who in 2008 showed how they were able to modify a Sun Microsystems SPARC microprocessor to effectively create a hardwired backdoor capable of logging passwords or other sensitive data.

In May of 2008, Cisco officials said they had no evidence that any of the counterfeit networking gear contained backdoors.

Since late 2007, US authorities have made more than 1,300 seizures of 5.6 million bogus semiconductors. More than 50 shipments were falsely marked as military or aerospace grade devices. The Justice Department’s press release is here.

From the restitution figures it seems like Yongcai Li sold a much higher volume than Ehab Ashoor, but his prison sentence is much shorter. Perhaps he was given a more lenient sentence as he wasn’t directly trying to sell the fake gear to the US government and military.

They state none of the networking equipment contained backdoors, but then if they did – would they really tell anyone? They were obviously trying to buy cheap gear on the side rather than dealing directly with Cisco – not a wise decision.

Source: The Register

Posted in: Legal Issues

8 Responses to Federal Authorities Have Seized More Than $143 Million USD Of Fake Network Equipment

  1. Benito Mussolini May 10, 2010 at 1:22 pm #

    The United States government has no problem blowing money on just about everything else. This is one case where they would have been better off to just pony up and buy directly from Cisco. The difference in price couldn’t have been that drastic.

  2. Dilbert May 10, 2010 at 2:00 pm #

    So why hasn’t anyone reverse-engineered the software/OS on this bogus hardware to see exactly what’s going on?

  3. CaseInPoint May 10, 2010 at 2:11 pm #

    I’d appreciate some way of verifying that my Cisco equipment isn’t some of this bogus stuff. We purchase used Cisco equipment simply because it’s so dang expensive to buy it otherwise.

  4. Zimmie May 10, 2010 at 3:14 pm #

    Strictly, the devices probably were not sold to the U.S. government directly, but to a contractor. The contractors are getting a fixed amount of money based on their bid for fulfilling the requirements of the contract (at least, that’s how it is supposed to work). If they find a “great deal” on line cards or backplanes, they may go with that to save some money thereby saving more of the contract money as profit.

    This is why HMOs, low-bid contracts, and anything else that offers a fixed or negotiated-up-front fee for variable cost work will *always* result in low-quality output.

    • Darknet May 11, 2010 at 7:43 am #

      That’s true and yah good point, any fixed price tenders will be prone to this kind of issue with people looking to maximize profits.

  5. John Stafford May 12, 2010 at 10:48 pm #

    A good way to guarantee that you purchase quality equipment is to work with companies who are associated with organizations such as UNEDA. The United Network Equipment Dealer Association (UNEDA) is a worldwide alliance of over 275 companies whose primary business is supplying pre-owned networking equipment. Members represent the entire spectrum of the secondary market, from companies with hundreds of employees and millions of dollars in inventory to small, entrepreneurial organizations. Together their combined yearly buying clout exceeds $2.5 billion, representing the sale of millions of pieces of equipment to tens of thousands of customers worldwide. UNEDA members must adhere to a strict code of ethics that includes a firm policy against selling any equipment that is not legitimate and are immediately removed from membership if they break this rule. UNEDA works hand in hand with multiple government agencies to help eradicate counterfeit and stolen equipment from being sold to end-user customers.

    John Stafford

  6. Csgod0 May 13, 2010 at 5:24 am #

    LOL, so let’s see.. take a Cisco 6509 chassis, load it up with twin redundant power supplies, twin sup modules, and full 9 blades, and you’re looking at a HELLA lot of money. That’s not that much equipment, just costs a whoole lot :D