NATIONAL SCIENCE FOUNDATION OFFICE OF INSPECTOR GENERAL OFFICE OF INVESTIGATIONS CLOSEOUT MEMORANDUM Case Number: 1-11-10-0040 Page 1 of 1 We received word that an NSF videoteleconference device used as part of the U.S. Antarctic Program and operated by the USAP contractor1 had been compromised by an unknown party, by means of an internal device command that allowed an intruder to place a phone call to the device, invoke the internal command, and acquire an umestricted outgoing phone line for placing further calls. AT&T noticed unusual outgoing international calling activity on the device and notified the contractor, which notified NSF. Numerous short-duration calls were made to numbers in various 2 foreign countries. We notified the FBI, which questioned contractor officials, and used subpoenas to acquire information about the numbers dialing into the device. The intruder used one number for most of the intrusions. We traced the number back to a major trunk line used by the U.S. affiliate3 of a foreign company,4 and provided an update to the FBI. Although we acquired additional records for the voluminous calls made and received on the affiliate's trunk line for a time period surrounding the days when the intrusions occurred, we could not establish any additional investigative leads through our analysis of the records. We were unable to identify a responsible party, and the FBI could not identify a basis for opening a criminal case. Accordingly, this case is closed with no further action taken. 1 Raytheon Polar Services Company. 2 The countries include Canada, Philippines, Maldives, Guinea, Mauritania, Zimbabwe, Djibouti, Gambia, Senegal, Sierra Leone, Libya, Somalia, Algeria, Gabon, Bulgaria, and Comoros. 3 Future Wei Technologies, Inc. 4 Huawei Technologies. NSF OIG Form 2 (11/02)
Published by the National Science Foundation, Office of Inspector General on 2014-04-07.
Below is a raw (and likely hideous) rendition of the original report. (PDF)