Are CISCO routers at risk?

(by Alessandro Rugolo)
10/06/19

A few days ago Wired published an article with a disturbing title: "A Cisco Router Bug Has Massive Global Implications".
According to the reports, security researchers have found serious vulnerabilities in several models of Cisco routers. The problem lies in the check the routers perform at boot to verify that the firmware they are about to run is genuine, unmodified Cisco software. In particular, the Cisco ASR 1001-X series was shown to be affected by the vulnerabilities discovered. Cisco, for its part, announced that it is working on fixing the problem.

Red Balloon Security researchers chained two router vulnerabilities:
- a bug in Cisco IOS (the operating system of Cisco routers) that gives an unauthorized remote user root access to the router (the highest privilege level) and, with it, the ability to change any setting, routing tables included;
- a second vulnerability that allows an attacker who already has root to bypass the routers' fundamental security mechanism, the so-called "Trust Anchor", the hardware root of trust that validates the firmware at boot, present in virtually all Cisco enterprise devices since 2013.

The Wired article suggests that, with more or less adaptation to the different router families, potentially hundreds of millions of Cisco devices around the world could be attacked, in companies as well as in civil and military public organizations.

Ang Cui, CEO and founder of Red Balloon Security, said his company showed that the Trust Anchor can be permanently disabled, after which the router's firmware can be altered at will while the device keeps reporting that it is working properly.
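The chain described above (root access first, then the root of trust switched off so that a modified image boots while the device still reports success) can be modelled in a few lines. The following Go program is an added illustration written for this page, not Red Balloon's or Cisco's code, and it assumes a simplified boot chain: an Ed25519 vendor key, a signed image, a trust anchor with a hypothetical `Bypassed` flag standing in for the disabled hardware check, and a constructed sample payload. It shows why the device's own "verified" status is worthless once the anchor is compromised, and why an operator's check must compare an independently computed digest of the running image against the vendor-published value rather than trust the device's verdict.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// Image is a firmware image plus the vendor's signature over its payload.
type Image struct {
	Payload   []byte
	Signature []byte
}

// TrustAnchor models a hardware root of trust: it holds the vendor's public
// key and refuses to boot an image whose signature does not verify.
// Bypassed is a hypothetical flag that stands in for the attack described
// in the article, in which the anchor's check is permanently switched off.
type TrustAnchor struct {
	VendorKey ed25519.PublicKey
	Bypassed  bool
}

// BootReport is what the device tells an operator after boot.
type BootReport struct {
	Booted         bool
	ReportedStatus string // self-reported by the device, so only as trustworthy as the anchor
}

// Boot verifies the image with the anchor's key, unless the anchor has been bypassed.
func (ta TrustAnchor) Boot(img Image) BootReport {
	if ta.Bypassed {
		// A compromised anchor boots anything and still claims success.
		return BootReport{Booted: true, ReportedStatus: "verified"}
	}
	if ed25519.Verify(ta.VendorKey, img.Payload, img.Signature) {
		return BootReport{Booted: true, ReportedStatus: "verified"}
	}
	return BootReport{Booted: false, ReportedStatus: "signature check failed"}
}

// Measure returns the SHA-256 digest of an image. An operator compares it
// with the vendor-published digest, so the check does not depend on the
// device's own verdict.
func Measure(img Image) string {
	sum := sha256.Sum256(img.Payload)
	return hex.EncodeToString(sum[:])
}

// Outcome collects the results of running the chain with an intact anchor
// and with a bypassed one.
type Outcome struct {
	GenuineBoots          bool // intact anchor accepts the signed image
	TamperedRejected      bool // intact anchor rejects a patched image
	TamperedBootsBypassed bool // bypassed anchor boots the patched image
	BypassedClaimsOK      bool // ...and still reports "verified"
	OutOfBandDetects      bool // independent digest comparison catches it
}

// RunScenario builds a constructed sample image, signs it, patches it as an
// attacker with root (but without the vendor key) would, and boots both
// versions through an intact and a bypassed anchor.
func RunScenario() (Outcome, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return Outcome{}, err
	}
	genuine := Image{Payload: []byte("router firmware: genuine (constructed sample)")}
	genuine.Signature = ed25519.Sign(priv, genuine.Payload)
	knownGood := Measure(genuine) // the digest the vendor would publish

	// The attacker can rewrite the image but cannot produce a valid signature.
	tampered := Image{
		Payload:   bytes.Replace(genuine.Payload, []byte("genuine"), []byte("backdoored"), 1),
		Signature: genuine.Signature,
	}

	intact := TrustAnchor{VendorKey: pub}
	bypassed := TrustAnchor{VendorKey: pub, Bypassed: true}

	var o Outcome
	o.GenuineBoots = intact.Boot(genuine).Booted
	o.TamperedRejected = !intact.Boot(tampered).Booted
	r := bypassed.Boot(tampered)
	o.TamperedBootsBypassed = r.Booted
	o.BypassedClaimsOK = r.ReportedStatus == "verified"
	o.OutOfBandDetects = Measure(tampered) != knownGood
	return o, nil
}

func main() {
	o, err := RunScenario()
	if err != nil {
		panic(err)
	}
	fmt.Printf("%+v\n", o)
}
```

The design point is the last field: the only check that survives a compromised root of trust is one whose reference value and whose computation both live outside the device, which is why comparing image digests against the vendor's published values belongs in an operator's routine, not just in the boot ROM.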

It must be said that Ang Cui is no newcomer to such discoveries: years ago he had already shown that Cisco IP phones could be hacked. Cisco responded with a patch, which Cui then showed to be ineffective. In another piece of research he showed that HP network printers could be hacked as well.

Ang Cui has said that he received funding from various US organizations (including DARPA) for his research, and he has led his company for years; among other things it produced Symbiote Defense, a system intended to protect, in principle, any IoT (Internet of Things) device.

To close with something useful: for network and system administrators, we recommend applying the fixes indicated by Cisco. Because the second issue concerns a hardware component rather than the operating system, a routine IOS software update alone may not be enough; follow the platform-specific instructions in Cisco's advisory. As on other occasions, we invite everyone to study their network carefully, convinced that knowing what you administer is the foundation of security, and then to apply the patches.

To Managing Directors and Boards of Directors, instead, we offer a suggestion at their level: make every possible effort to get your staff to embrace a culture of security, and invest what is needed to manage the risk that comes with the ever-increasing pervasiveness of technology.

One thing is certain: with each passing day it becomes clearer that the world we have come to rely on is not what we thought. Ever more "complex" and far from certain, it brings to mind an old US film from 1999, The Matrix, in which it was possible to enter and leave the network through programming bugs, a world in which, absurdly, Agent Smith could take the place of a person through some "digital magic".
Well, that fantastic world is now all around us ...

To learn more:
- https://www.wired.com/story/cisco-router-bug-secure-boot-trust-anchor/
- https://www.bbc.com/news/technology-48269600?intlink_from_url=https://ww...
- https://www.redballoonsecurity.com/
- https://www.enterpriseai.news/2015/09/22/from-hacker-to-iot-security-her...
- https://www.extremetech.com/computing/145371-your-worst-office-nightmare...
- https://arstechnica.com/information-technology/2011/11/hp-printers-can-b...
- https://www.cyberscoop.com/cisco-router-vulnerabilities-future-prevent-s...
- https://www.cisco.com/c/en/us/products/collateral/security/cloud-access-...