Cisco chief executive John Chambers has written to the US president expressing his concerns over alleged NSA interceptions of US networking equipment
Cisco chief executive John Chambers has written to US President Barack Obama warning that the surveillance activities of the US government are undermining the confidence of export customers in the security of US-made technology.
The letter, which has circulated online, is dated Thursday, 15 May, shortly after publication on Monday by The Guardian of a book excerpt describing the activities of the US National Security Administration (NSA) in intercepting shipments of US-made IT equipment before they reach customers, modifying it in order to gain better access to surveillance targets.
‘Integrity and security’
No Place to Hide: Edward Snowden, the NSA, and the U.S. Surveillance State, written by Guardian journalist Glenn Greenwald, does not cite Cisco by name, but includes a photograph that depicts a box stamped with Cisco’s logo being opened by people who are allegedly NSA agents.
In the letter, Chambers said such actions risk undermining confidence in the “integrity and security” of US-made products.
“We simply cannot operate this way, our customers trust us to be able to deliver to their doorsteps products that meet the highest standards of integrity and security,” Chambers stated in the letter. Cisco confirmed that Chambers had sent the letter.
The NSA intercepted and modified equipment including routers, servers and other network devices, according to Greenwald.
“If these allegations are true, these actions will undermine confidence in our industry and in the ability of technology companies to deliver products globally,” Chambers wrote. In its financial call last week, Cisco said customers in some developing economies had delayed purchases due to the NSA scandal.
The letter urged Obama to personally push for “guidelines and reforms” that can be “honoured across the globe”.
He said the economic benefits of the Internet to the US could be “eroded” by the NSA’s policies, which could result in a “fragmented” Internet that fails to deliver on its “promise”.
“Absent a new approach where the industry plays a role, but in which you, Mr President, can lead, we are concerned that our country’s global technological leadership will be impaired,” he wrote.
The letter echoes sentiments expressed in a 13 May blog post by Cisco senior vice president and general counsel Mark Chandler, who said law-abiding US companies ought to be able to count on the US government not to tamper with their products.
“We comply with US laws, like those of many other countries, which limit exports to certain customers and destinations; we ought to be able to count on the government to then not interfere with the lawful delivery of our products in the form in which we have manufactured them,” Chandler wrote.
Greenwald wrote that the NSA “routinely” receives or intercepts shipments of “routers, servers and other computer network devices” being exported from the US.
“The agency then implants backdoor surveillance tools, repackages the devices with a factory seal, and sends them on,” he wrote. “The NSA thus gains access to entire networks and all their users.”
US’ ‘intelligence mission’
The NSA responded that customers should not be concerned about the security of US-made networking products, with a representative telling The Wall Street Journal that the proof of this should be that the US government itself uses these same products.
As for the intelligence-gathering activities reported by Greenwald, the NSA said that they are perfectly in line with the US’ wider role of assuring world order: it is true that “foreign intelligence targets” should indeed be worried, but “innocent users” have nothing to be concerned about, the agency said.
“The United States pursues its intelligence mission with care to ensure that innocent users of those same technologies are not affected,” an NSA spokeswoman told the Journal.
According to Greenwald, the NSA’s intelligence activities bring to light another dimension of the US government’s criticism of Chinese networking equipment manufacturers as posing a national security threat: if the NSA was planting backdoors into US networking equipment, it would seem all the more probable that Chinese authorities were carrying out similar activities.
In a 2012 report, the Intelligence Committee of the US House of Representatives alleged that Chinese manufacturers Huawei and ZTE could not be “trusted to be free of foreign state influence”, and “thus pose a security threat to the United States and to our systems”.
The report called for their products to be banned, and in fact Huawei withdrew from the US market in 2013, partly as a result of such pressures.
Such an attitude might seem hypocritical, but the NSA said it follows from the US’ position as the pre-eminent world power. “The implication that NSA’s foreign intelligence collection is arbitrary and unconstrained is false,” the NSA told The Financial Times.
Indeed, as Greenwald pointed out, the US government’s pressures against Chinese-made networking equipment is logical, because it prevented “Chinese devices from supplanting American-made ones, which would have limited the NSA’s own reach”.
US IT companies have, for their part, made it clear that they would prefer the US government not to be so forward with its intelligence-gathering activities, with eight technology companies including Apple, Facebook and Google in December calling for reforms of existing practices.
In his blog post last week, Cisco’s Chandler admitted that societies should not be “wracked by terror”, but said that the US government has perhaps “overreached”.
Are you a security pro? Try our quiz!