The Sunday article, based on leaked NSA documents, said an NSA unit had “burrowed its way into nearly all the security architecture made by the major players in the industry — including American global market leader Cisco and its Chinese competitor Huawei.” The report also named a variety of other manufacturers, both American and non-U.S., as targets of NSA cracking.
Der Spiegel on Monday said the affected products include the company’s 500-series PIX and ASA (5505, 5510, 5520, 5540 and 5550) firewalls. However, the documents date back to 2007, and newer products may also have been cracked.
In a Cisco blog post, the company said it was “deeply concerned with anything that may impact the integrity of our products or our customers’ networks” and was trying to find out more about the claims.
According to Cisco’s John Stewart; “As we have stated prior, and communicated to Der Spiegel, we do not work with any government to weaken our products for exploitation, nor to implement any so-called security ‘back doors’ in our products.”
U.S. manufacturers of networking equipment have long been required by a law called CALEA to build surveillance capabilities into their products. So when Cisco says it never works with governments to include backdoors, it’s worth noting that the company has several pages online describing the “lawful intercept” capabilities built into some of its equipment, allowing voice and data wiretaps, notes GigaOm.