Latest in Culture

Image credit: AP Photo/Paul Sakuma

Here's how the NSA spied on Cisco firewalls for years

A special attack tool let intelligence officers monitor encrypted VPN traffic.
2875 Shares
Share
Tweet
Share
Save

Sponsored Links

AP Photo/Paul Sakuma

Edward Snowden leaks revealed that the NSA had the ability to spy on Cisco firewall traffic for years, but just how did the agency do it? We now have a clearer idea. An analysis of data from the Equation Group hack shows that the NSA used a specialized tool, BenignCertain, that uses an exploit in Cisco's Internet Key Exchange implementation to extract encryption keys and read otherwise secure virtual private network data. Cisco has confirmed that the attack can compromise multiple versions of its old PIX firewalls, which were last supported in 2009.

The issue doesn't crop up in PIX 7.0 or in Cisco's newer Adaptive Security Appliance, but that isn't going to reassure many security experts. Ars Technica warns that there appear to be over 15,000 networks still clinging on to PIX, and there's a real possibility that many of them are vulnerable. Other platforms have comparable security holes, too, suggesting that the NSA might have snooped on many VPNs. To make matters worse, the Equation Group breach lets any would-be hacker use the exploit. While the past surveillance is alarming, you may need to worry more about everyday criminals going forward.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
2875 Shares
Share
Tweet
Share
Save

Popular on Engadget

The Morning After: PewDiePie is taking a break from YouTube in 2020

The Morning After: PewDiePie is taking a break from YouTube in 2020

View
Researchers bypass airport and payment facial recognition systems using masks

Researchers bypass airport and payment facial recognition systems using masks

View
Visa warns that hackers are scraping card details from gas pumps

Visa warns that hackers are scraping card details from gas pumps

View
Former NASA engineer thwarts porch pirates again with 'Glitter Bomb 2.0'

Former NASA engineer thwarts porch pirates again with 'Glitter Bomb 2.0'

View
Google pauses Chrome update for Android after reports of app data loss

Google pauses Chrome update for Android after reports of app data loss

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr