The lawful intercept architecture in Cisco Systems’ networking products has been examined and found wanting by Tom Cross, manager of IBM’s X-Force research team. He discovered six vulnerabilities that could be exploited by criminals to intercept data transmissions.
According to the Communications Assistance for Law Enforcement Act, networks are obligated to allow government agencies to tap into the system and monitor the data flowing “to and fro and in between”. They are also required to provide interfaces to allow them to do so.
Government Computer News reports that some of the vulnerabilities in these interfaces stem from the use of Version 3 of the Simple Network Management Protocol (SNMPv3) to set up the digital wiretap. The weaknesses could permit a brute force attack against SNMPv3 credentials, and with them the login credentials needed to access the system. Once a malicious outsider gains entry, he could authenticate a fraudulent packet authorizing a wiretap and forward the waylaid data to a destination of his choice.
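The brute force path described above leaves a trail: every failed SNMPv3 authentication is logged by the device. As an added example (not from the article, IBM X-Force or Cisco), the following Python script counts SNMP authentication failures per source host over a sliding time window and flags hosts that exceed a threshold. It assumes Cisco IOS-style `%SNMP-3-AUTHFAIL` syslog messages; the log lines, hostnames and addresses are constructed, and the threshold and window are arbitrary tuning choices. Pairing this detection with an access list that restricts which management stations may reach the SNMP agent, and with authPriv credentials that are long and unique per device, narrows the window for the credential guessing the article describes.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample syslog lines in the style of Cisco IOS SNMP authentication
# failures; the exact message text is an assumption, not taken from the article.
SAMPLE_LOG = """\
Feb 12 10:00:01 router1 %SNMP-3-AUTHFAIL: Authentication failure for SNMP req from host 203.0.113.7
Feb 12 10:00:03 router1 %SNMP-3-AUTHFAIL: Authentication failure for SNMP req from host 203.0.113.7
Feb 12 10:00:05 router1 %SNMP-3-AUTHFAIL: Authentication failure for SNMP req from host 203.0.113.7
Feb 12 10:00:07 router1 %SYS-5-CONFIG_I: Configured from console by admin on vty0
Feb 12 10:00:09 router1 %SNMP-3-AUTHFAIL: Authentication failure for SNMP req from host 198.51.100.20
Feb 12 10:00:10 router1 %SNMP-3-AUTHFAIL: Authentication failure for SNMP req from host 203.0.113.7
Feb 12 10:00:12 router1 %SNMP-3-AUTHFAIL: Authentication failure for SNMP req from host 203.0.113.7
Feb 12 10:00:14 router1 %SNMP-3-AUTHFAIL: Authentication failure for SNMP req from host 203.0.113.7
Feb 12 10:05:00 router1 %SNMP-3-AUTHFAIL: Authentication failure for SNMP req from host 198.51.100.20
"""

# Timestamp, device name, then the SNMP auth-failure message with the source host.
AUTHFAIL_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) \S+ "
    r"%SNMP-3-AUTHFAIL: .*from host (?P<host>\S+)$"
)


def parse_auth_failures(log_text):
    """Return a list of (timestamp, source_host) for each SNMP auth failure line.

    Lines that are not SNMP authentication failures are ignored. Syslog
    timestamps carry no year, so strptime yields year 1900; only the
    differences between timestamps matter here.
    """
    events = []
    for line in log_text.splitlines():
        m = AUTHFAIL_RE.match(line)
        if not m:
            continue
        ts = datetime.strptime(" ".join(m.group("ts").split()), "%b %d %H:%M:%S")
        events.append((ts, m.group("host")))
    return events


def flag_brute_force(events, threshold=5, window=timedelta(seconds=60)):
    """Return {host: peak_failures} for hosts whose failures within any
    window of the given length reach the threshold.

    Uses a two-pointer sliding window over each host's sorted timestamps.
    """
    by_host = defaultdict(list)
    for ts, host in events:
        by_host[host].append(ts)

    flagged = {}
    for host, times in by_host.items():
        times.sort()
        start = 0
        peak = 0
        for end, t in enumerate(times):
            # Drop timestamps that fall outside the window ending at t.
            while t - times[start] > window:
                start += 1
            peak = max(peak, end - start + 1)
        if peak >= threshold:
            flagged[host] = peak
    return flagged


if __name__ == "__main__":
    failures = parse_auth_failures(SAMPLE_LOG)
    for host, count in flag_brute_force(failures).items():
        print(f"possible SNMP credential guessing from {host}: {count} failures in 60s")
```

On the constructed sample, 203.0.113.7 produces six failures in under fifteen seconds and is flagged, while 198.51.100.20 fails twice five minutes apart and is not. In production the same logic runs over a syslog collector's stream rather than an inline string, and the threshold should be set above the failure rate of legitimate, misconfigured pollers.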
Cross notes that among all the companies that offer such systems, Cisco is the only vendor that made its lawful intercept architecture public, so it is the only one he could analyze. Upon being notified about the existence of these flaws, Cisco corrected some of them.
Cross commends Cisco for publishing the interface, making it possible for others to test and point out flaws and possible improvements for the product. “We recognize that security is complicated and needs to be addressed in partnership with customers and peers,” said Jennifer Greeson, Cisco’s communications director.