Counterfeit Chinese Technology: Gateway for Hackers?

FBI investigates if fake Chinese computer parts could cause a security breach.

May 9, 2008 -- The FBI is investigating whether counterfeit routers and computer hardware from China installed in U.S. government computer networks might provide a secret gateway for hackers to tap into secure government databases.

Sources told ABC News the counterfeit hardware could represent a major breach to national security. An FBI PowerPoint presentation, which somehow ended up on a Web site, lays out the concerns and the breadth of what has been a far-reaching investigation.

Friday afternoon a somewhat miffed FBI released a statement that read: "At the request of another federal government agency, on Jan. 11, 2008, the FBI's Cyber Division provided an unclassified PowerPoint presentation and briefing on efforts to counter the production and distribution of counterfeit network hardware," said FBI Cyber Division Assistant Director James Finch. "This unclassified briefing was never intended for broad distribution or posting to the Internet."

Finch goes on to talk about Operation Cisco Raider, which "targeted illegal distributors of counterfeit network hardware manufactured in China and included 15 investigations across nine FBI field offices and the execution of 39 search warrants."

According to Finch, the FBI "disrupted a large distribution network and recovered approximately 3,500 counterfeit network components with an estimated retail value of over $3.5 million."

In total, authorities around the world, including in the United States, Canada and China, made more than 400 seizures with an estimated value of $76 million. In one instance, the Royal Canadian Mounted Police seized 1,600 pieces of counterfeit Cisco routers.

In other words, government officials, defense contractors and universities thought they were getting top-notch products from Cisco, a well-regarded American company. Instead, they were buying counterfeit equipment that originated in China and traveled a circuitous route to its final destination.

Those phony Chinese routers, switches, converters and interface cards were sold to the U.S. Naval Academy, U.S. Naval Air Warfare Center, U.S. Naval Undersea Warfare Center, the General Services Administration, the U.S. air base in Spangdahlem, Germany -- which is home to the Air Force's 52nd Fighter Wing -- and defense contractor Raytheon.

Some parts ended up in networks serving the Marine Corps, Air Force, Federal Aviation Administration and the FBI.

The cheap, lower-quality equipment led to some system failures and other problems. The real concern, though, is whether this computer hardware represents some sort of Trojan horse that can be manipulated by hackers to steal sensitive information.

Cisco spokesman John Noh told ABC News via e-mail that the company has extensively tested counterfeit equipment purporting to be made by the company, and though not "technically inconceivable," the company's tests "have not found a single instance of software or hardware that was modified to make them more vulnerable to security threats."

Noh acknowledged that counterfeiting of computer technology is "an industrywide issue," but that Cisco has an internal team dedicated to preventing damage from counterfeiting and that the company works with law enforcement in its investigations.

According to the FBI PowerPoint, Cisco controls 80 percent of the computer router technology market.

The FBI and a number of government agencies are now examining the hardware, trying to determine if there has been a massive security breach.

The People's Republic of China has not been accused of orchestrating the counterfeit sales, but for several years, U.S. officials have been investigating a wave of government computer breaches thought to have originated in China.

Cisco has been working with U.S. investigators and representatives from China's Technical Service and Public Security bureaus since 2003 to combat the counterfeiting of its routers.