I received this Powerpoint from one my professors at James Madison University Infosec (Thanks Brett). It turns out there is a rampant issue with the creation, sale, and purchasing of counterfeit information technology hardware. Specifically the report calls out Cisco related products such as routers and switches. These are the very devices that make up the heart and soul of the Internet. While I guess I always knew that the possibility was there for reverse engineering of and thus construction of counterfeit hardware, I never really saw it in writing somewhere that outlines the severity of the issue. Check out the slide deck for more details.

What makes this really scary is that the creation of counterfeit hardware lends itself very well to the introduction of low level firmware based rootkits and other subversive mechanisms. If foreign governments or crime syndicates were to really do this right, they would be selling counterfeit systems that capture and disseminate data or alternatively could be easily disabled in a time of war (information warfare techniques). The later would be extremely difficult to detect, with a high degree of assurance, especially if the implementation of the subversion was done sparingly and not on all devices.

Scary stuff huh?