Iran accuses the US of using hidden backdoors or pre-installed botnets to disable networking equipment inside the country during recent military attacks. It claims that devices from Cisco, Juniper, Fortinet and MikroTik were knocked out at critical moments.
The claim, which was put forward originally from Iranian state media and later by foreign media and Chinese publications, it focuses on hardware failures.
According to reports from Fars and Entekhab, Tehran believes the outages indicate deep sabotage rather than ordinary technical errors.
One theory is that there is malicious code in the firmware or bootloaders. Another suggests that a secret botnet was installed on the affected devices and was activated during the attacks.
This does not mean that the claim has been proven, but independent verification is nearly impossible because Iran has spent weeks significantly restricting internet access.
NetBlocks Reported this week that the country's power outage had exceeded 50 days, while Al Jazeera reported that authorities were still granting limited, staggered connectivity through the "Internet Pro” and less restricted access with “white SIM"for selected groups. In fact, even the power outage that Tehran is experiencing does not help to verify the accusation.
But the suppliers named by Iran have a history of security problems. Leaked NSA documents from the Edward Snowden the 2014 showed that the service monitored Cisco routers during transport and installed implants before delivery.
Meanwhile, Juniper disclosed unauthorized code in ScreenOS in 2015 that could allow remote administrative access and VPN decryption.
Although the press releases will range from very select to rare, I said I'd pass...because sometimes the editors hide.
