Comment are off

Rising risk and importance of the vendor backdoors

Backdoors are not only a problem regarding the original insertion made by the vendor, but also about the subsequent usage of these backdoors once discovered. In the recent network storage equipment backdoors (HP Keeps Installing Secret Backdoors in Enterprise Storage), the Huawei network element backdoors or the usual network equipment or DSL-router backdoors, these are now clearly a real and strong threat to enterprises.

One interesting fact in the recent “Consolidated risk matrix” referenced by german BSI and produced by Deutsche Telekom, Vodafone and 1&1 Internet is that “Telecommunication and Network equipment backdoors” are one of the top rated vulnerabilities (4th top risk):


(Table extracted from the 1&1, Deutsche Telekom and Vodafone study, in german, and translated by Google Translate)

The nature of these backdoors is already troubling. The people you trust your data and business with are the one who betray you by having secret access to your systems, even if you secure these to the maximum known best practices.

What’s worse with critical network element is that these backdoors can be activated from a great numbers of entry vectors, and can exfiltrate data by an even bigger set of vectors:

P1 Vector for backdoors 3

The great difference in countries preparedness at the telecom and mobile level shows extreme discrepancies in the awareness and maturity regarding the telecom and mobile security.

The National Information Security Agencies have had mixed results in their attempts to regulate security or help the operator improve their security due to the resistive posture taken by some operators, vendors and industry association and many cover-up of internal and external compromise of telecom critical infrastructure.

The liability of operators and vendors is huge with regard to this matter, most notably with VIP eavesdropping consequences and with the potential for general public class actions where law permits.

About the Author