But while American companies were being warned away from supposedly untrustworthy Chinese routers, foreign organisations would have been well advised to beware of American-made ones. A June 2010 report from the head of the NSA’s Access and Target Development department is shockingly explicit. The NSA routinely receives — or intercepts — routers, servers and other computer network devices being exported from the US before they are delivered to the international customers.
The agency then implants backdoor surveillance tools, repackages the devices with a factory seal and sends them on. The NSA thus gains access to entire networks and all their users. The document gleefully observes that some
SIGINT tradecraft … is very hands-on (literally!).
Eventually, the implanted device connects back to the NSA. The report continues:
In one recent case, after several months a beacon implanted through supply-chain interdiction called back to the NSA covert infrastructure. This call back provided us access to further exploit the device and survey the network.
It is quite possible that Chinese firms are implanting surveillance mechanisms in their network devices. But the US is certainly doing the same — via redwolf.newsvine.com