Symantec backtracks, admits own network hacked
Warns pcAnywhere users they face increased risk, confirms theft of source code of prominent consumer programs
Computerworld - Symantec today backed away from earlier statements regarding the theft of source code of some of its flagship security products, now admitting that its own network was compromised.
In a statement provided to the Reuters news service, the security software giant acknowledged that hackers had broken into its network when they stole source code of some of the company's software.
Previously, Symantec had denied that its own network had been breached, and instead pointed fingers at an unnamed "third party entity" as the attack's victim. Evidence posted by a hacker nicknamed "Yama Tough" -- a self-proclaimed member of a gang calling itself "Lords of Dharmaraja" -- indicated that the information was obtained from a server operated by the Indian government.
Two weeks ago, Symantec spokesman Cris Paden said that the hacker made off with source code of Symantec Endpoint Protection 11.0 and Symantec Antivirus 10.2, enterprise products between five and six years old.
At the time, Paden downplayed the seriousness of the theft.
Today, however, Paden said that source code of Norton Antivirus Corporate Edition, Norton Internet Security, Norton Utilities, Norton GoBack and pcAnywhere, had been stolen.
Some of those -- Norton Internet Security and Norton Utilities -- are among Symantec's most prominent consumer-grade products.
Symantec missed one bullet, however.
Last Saturday, Yama Tough promised to release more than a gigabyte of the source code for Norton Antivirus -- the hacker did not specify which version -- but he said the group has since reconsidered.
"We've decided not to release code to the public until we get full of it," Yama Tough wrote on Twitter Monday. "1st we'll own evrthn we can by 0din' the sym code & pour mayhem."
In the message, "0din'" likely stands for "zero-daying," meaning attacks launched against unpatched vulnerabilities.
Also on Monday, Yama Tough claimed that he had some or all of the source code for pcAnywhere, a multi-platform remote access suite that Symantec sells.
"PCAnywhere code is being released to blackhat community for 0d expltin!," said Yama Tough, again on Twitter.
Paden confirmed Yama Tough's claim when he told Reuters that pcAnywhere users face "a slightly increased security risk" because of the hacker's activities.
"Symantec is currently in the process of reaching out to our pcAnywhere customers to make them aware of the situation and to provide remediation steps to maintain the protection of their devices and information," Paden said.
Paden did not reply to Computerworld's requests for comment on Symantec's revised statement.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, on Google+ or subscribe to Gregg's RSS feed . His e-mail address is firstname.lastname@example.org.
Read more about Cybercrime and Hacking in Computerworld's Cybercrime and Hacking Topic Center.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts