Furthermore, while it would be possible to block repeated attempts at unauthorized access, and alert an administrator, the system that Cross analyzed isn’t designed to do so. And finally, although Cisco recommends that encryption be used, the system doesn’t require it. Without encryption, Cross says, it’s impossible for a lawful intercept system to function safely.
Cross suggests that simple changes to the SNMP protocol could make it much more secure. He also calls for companies to implement the system in a more secure way–by separating lawful intercept requests from regular network management traffic, encrypting data, and enforcing stricter controls over where requests come from and where intercepted data is sent.
Jennifer Greeson Dunn, communications director for Cisco, says the company published its lawful intercept infrastructure in 2004 so that it could receive this type of peer review. She also says that Cisco has already addressed many of the software and hardware vulnerabilities that Cross has found. She adds that Cisco has been talking with Cross, and plans to review his recommendations for changes to the architecture and infrastructure employed.
Although some experts say the entire concept of a permanent interface for intercepting communications undermines security, Cross believes that a system such as Cisco’s can help ensure that intercepts are performed lawfully, providing it is properly protected against unauthorized access.
Steven Bellovin, a professor of computer science at Columbia University who researches network security, says that if lawful intercept systems must exist, he would like to see them offer better protections. “It’s engineering a vulnerability into your network, and the question is how well you can protect it,” he says.