IT customers warned of spying attempts by vendors

Trust among software vendors are under strain once again as customers are being warned against spying attempts of suppliers and equipment manufacturers.

According to global advisory and consulting firm Ovum, some undocumented privileged administrator accounts have been discovered in new network routers belonging to two telecoms service providers.

Ovum said the attacks can have serious consequences for enterprises as they threaten the commercial health of the communications service provider and its major customers. Yet these illicit activities also have implications for national security whenever carrier networks are attacked, said Graham Titterington, information security principal analyst at Ovum.

"This is not the first time that we have seen attempts to hack into enterprise and carrier networks by infiltrating network routers" Titterington said, noting that at the time of the Athens Olympic Games, rogue software in four mobile switching centers illegally intercepted calls by Greek politicians, including the Prime Minister, for a year. After the discovery of the software, both the network operator and the equipment vendor were fined several million euros.

And only recently, Titterington said the US government detected an attack on IT systems in the Pentagon in 2007, wherein 1,500 computers were found to have been compromised.

Titterington commented the latest attacks on the carrier networks raises serious concern about the motives of the people or organizations that created them. He said such "back doors" could be used for both active and passive attacks on the networks. They call into question the reliability of the vendor and its products.

The Ovum analyst noted that risk is much greater in this age of IP-based communications than it was with traditional telecommunications networks because network control and payload are not segregated.

"There must be a relationship of trust between vendors and their customers, ideally based on a culture of partnership," he said. "Customers, in both the service provider and enterprise communities, need to place trust at the top of their criteria when selecting suppliers."

Ovum's report highlighted that enterprises and carriers alike are dependent on the integrity of their suppliers and the trust relationship is crucial to both parties.

"Vendors who fail to establish their integrity should be struck off supplier short lists," Titterington said, adding enhanced network audit procedures would uncover this spook account type of exploit, but a vendor hacker could turn to embedding the spyware in the code of the product, making it much more difficult to detect.

"Insofar as this threat impacts on critical national infrastructure and national security we can expect governments to take an increasing interest in this issue," he said. "However any response will be fragmented due to the limits of jurisdiction of any government. The United States is likely to lead the way in government oversight. President Obama's recent announcement on cyber security shows that the current administration is giving a much higher priority to the problem than previous administrations.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Show Comments