AN INSECURITY EXPERT at IBM reported to the Black Hat conference that he discovered Cisco routers are vulnerable to a potential surveillance backdoor.
According to Arstechnica, Tom Cross, security systems researcher at IBM, gave a presentation exposing the backdoor to demonstrate how the 'lawful intercept' function in Cisco's system can be targeted by hackers to gain access to data flowing through the routers.
Hackers aren't blocked after failed attempts to access a Cisco router and notification alerts aren't sent to the administrator. Making matters even worse, ISPs can't detect and track who the culprits might be because their employees aren't allowed to detect and intercept.
It is not entirely Cisco's fault. The 'lawful intercept' function was deployed after a US Federal Communications Commission (FCC) ruling a few years ago that allowed wiretapping by law enforcement agencies on all networking hardware. All telecommunications vendors had to build monitoring solutions into their hardware.
However this ruling meant all equipment with the lawful intercept functions had gaping holes that left them open to back door surveillance attacks.
Cross told Cisco about the problem in December and it issued a patch. But there are still a lot of vulnerable systems out there because network administrators haven't applied the patch. µ