Chambers: We're Making It Tougher For Feds To Tamper With Cisco Gear


Cisco Systems CEO John Chambers said the networking leader is going to make it tougher for groups like the U.S. National Security Agency (NSA) to meddle with Cisco gear for surveillance purposes.

"We are going to make [Cisco] equipment very difficult to tamper with," Chambers said in a recent interview with CRN. "We are going to ship it with a lot of information on it, and we are going to say 'How do we do this better than anyone else?'"

Cisco will alert customers at any sign of their Cisco equipment having been compromised, Chambers added.

[Related: CRN Exclusive: 30 Tough Questions For Cisco's John Chambers]

"If we find anyone -- doesn't matter if it's hackers or governments -- involved in any of our customer environments anywhere in the world, we tell our customers, period," Chambers said. "And we do that in the U.S., in Europe and China and India. And we have done it."

Chambers' comments to CRN came roughly two months after the book No Place To Hide by Glenn Greenwald showed photos suggesting the NSA had intercepted Cisco networking gear being shipped overseas to install backdoors for surveillance.

Chambers wrote a letter to President Obama, just days after the photos hit, asking him to curb NSA spying efforts. Chambers said in the letter that the confidence of Cisco customers globally is becoming "eroded" by revelations of U.S. government spying.

When asked if the U.S. government has given Cisco any assurance that it is not tampering with Cisco gear, Chambers said he didn't know of "any government that has given those assurances."

The 19-year Cisco CEO said the company does not share the core software supporting its technology because "if you get the software you can eventually, with the processing power, figure out how to break it."

"We don't provide backdoors," he said.

Cisco's business abroad, specifically in China, has taken a hit in the aftermath of NSA whistleblower Edward Snowden. In Cisco's third-quarter earnings report released in May, the San Jose, Calif.-based networking giant said its business in China was down 8 percent compared to the same period last year.

It's not a trend that's unique to Cisco. A 2013 report from Information Technology & Innovation Foundation, cited last month by the Wall Street Journal, said the Snowden leaks could cost U.S. cloud computing companies between $22 billion and $180 billion by 2016.

Chambers is one of several high-profile technology CEOs calling for a new set of ground rules around NSA surveillance. At HP's Discover event in June, HP CEO Meg Whitman urged the U.S. tech industry to weigh in on government surveillance, while Microsoft CEO Satya Nadella suggested NSA reform was a necessary move to regain customer trust.

Chambers, for his part, said he would like to see strict "rules of the road" established in terms of what is and is not allowed to occur in the global technology supply chain.

"Basically, in terms of, if [anyone] find problems, it doesn't matter if it's my products, or Alcatel Lucent's products, HP's products or Huawei's products," Chambers said. "If you find those weaknesses, I think they ought to tell the vendor, 'You got a problem, go fix it.'"

Solution providers told CRN that they have not yet noticed any major fallout within their own customer bases as a result of the NSA leaks.

"I've been in customer meetings the last two days -- and these are financial institutions that are worried about compliance and regulations -- and I haven't heard any concerns around this," said Bill Smeltzer, CTO at Focus Technology Solutions, a Seabrook, N.H.-based Cisco partner.

"Certainly it's a topic of conversation with customers," said Jason Parry, vice president of client solutions at Force 3, a Crofton, Md.-based Cisco partner focused on the federal market. "But they are more curious that they are concerned, necessarily, so it hasn't had any impact -- not yet, anyway."

Chambers stressed Cisco aims to bolster its security portfolio, in general, in its quest to become the industry's No. 1 security player. Cisco has made several recent acquisitions in the security space, including its $2.7 billion buy of cybersecurity specialist Sourcefire in July 2013 and its acquisition of ThreatGRID, a provider of malware analysis and sandboxing solutions, in May for an undisclosed amount.

"We are going to lead in terms of data security and you are going to see us start to really focus on security as a whole," Chambers said.

PUBLISHED AUG. 7, 2014