[afnog] Cisco Source Code Reportedly Stolen

Tue May 24 13:55:39 EAT 2005

Brian,

2004 news?

SF.

At 08:16 PM 5/23/2005, Brian Longwe wrote:
>This is really scary!
>
>-----------------------------------------------------
>Cisco Source Code Reportedly Stolen
>By Steven J. Vaughan-Nichols
>May 18, 2004
>
>The FBI confirmed Tuesday that it is working with Cisco Systems Inc.
>to investigate the possible theft of source code for Cisco's main
>networking device operating system.
>
>FBI spokesman Paul Bresson said that the FBI is lending its
>"assistance" into the "possible" theft. "We are aware of it, and
>we're working with [Cisco] to resolve whatever issues may exist,"
>said Bresson, in Washington, D.C.
>
>According to a Russian security Web site, criminal hackers broke into
>Cisco Systems' corporate network last week and stole 800MB of source
>code for IOS 12.3 and 12.3t (an early deployment version of the
>operating system containing features not found in the vanilla 12.3
>version). In addition, a 2.5MB sample of what is supposedly IOS code
>was released on an Internet Relay Chat channel as proof of the
>alleged theft.
>
>"Cisco is aware that a potential compromise of its proprietary
>information occurred and was reported on a public website just prior
>to the weekend," said Cisco spokesman Robert Barlow. "Cisco is fully
>investigating what happened. As a matter of policy, we take security
>very seriously and we continue to take every measure to protect our
>intellectual property, employee and customer information."
>
>IOS 12.3 is the newest main version of San Jose, Calif.-based Cisco's
>popular operating system. It's used across the company's networking
>line, including in home office routers (the 800 Series); those for
>branch offices (the 3700 Series); and those that comprise the
>Internet backbone (the 7000 Series). Other routers that use the
>operating system include the 1700, 2500, 2600 and 3600 Series.
>
>This could represent a major security threat not just for Cisco
>users, but for the entire Internet. According to the Dell'Oro Group,
>a market research firm that specializes in the networking and
>telecommunications industries, Cisco owns 62 percent of the core
>router market.
>
>With the proprietary source code in hand, criminal hackers could, in
>theory, create programs that could cause denial-of-service attacks in
>Cisco-based networks.
>
>Barlow said Cisco would "continue to actively monitor the situation
>and will respond according to established process and procedures,
>should the need arise."
>A previous major source code theft of parts of Microsoft's NT 4.0 and
>Windows 2000 has not led to any security violations. However the
>alleged theft of the Cisco source code, since it's both the most
>current edition and all of the code, has the potential to be more
>damaging.
>
>_______________________________________________
>afnog mailing list
>
>**************************************************************
>Scanned by  eScan  Anti-Virus  and  Content Security Software.
>Visit http://www.mwti.net for more info on eScan and MailScan.
>**************************************************************
>