FBI investigating Cisco source code leak
Two sample source code files were posted on a Russian Web site
IDG News Service - The FBI is working with Cisco Systems Inc. to investigate the theft of computer source code from the networking company, said Paul Bresson, an FBI spokesman.
Law enforcement's confirmation of the theft comes amid scant information on the fate of Cisco's code, days after two sample source-code files from the company's Internetworking Operating System (IOS) were posted on a Russian Web site -- a small piece of what was said to be more than 800MB of IOS code (see story).
The FBI couldn't provide further details, beyond confirming that it is working with Cisco, Bresson said.
According to a posting on www.securitylab.ru, malicious hackers made off with code for Version 12.3 of IOS after "breaking the Cisco corporate network." IOS is a proprietary operating system that runs on much of the networking hardware that Cisco makes. Cisco acknowledged the theft yesterday but provided few details about how the source code was obtained.
"Cisco is aware that a potential compromise of its proprietary information occurred and was reported on a public Web site just prior to the weekend," the company said in a statement. "Cisco is fully investigating what happened."
The 2.5MB of source code were provided to Securitylab.ru over an Internet Relay Chat (IRC) channel by somebody using the online name "Franz," and is said to be a small part of the stolen code.
The theft parallels a similar crime in February, when thieves made off with source code for Microsoft Corp.'s Windows NT and Windows 2000 operating systems (see story). That code's leak is believed to have led to the discovery of at least one security hole in the company's Internet Explorer 5 Web browser, which could allow an attacker to gain control of a computer by using a specially crafted bitmap file.
The theft of the IOS code could be more serious, because Cisco's products frequently connect directly to the Internet and aren't protected by firewalls and other security products, said Ken Dunham, director of malicious code at iDefense Inc. in Reston, Va.
"With access to the source code, hackers could compile and test it rigorously, just like a developer, and find new vulnerabilities or attack points," he said.
However, the malicious hackers who made off with the IOS code have so far taken a different route than those who stole the Microsoft code, Dunham said. In the Microsoft theft, copies of the leaked code quickly appeared on peer-to-peer file-sharing networks and was being swapped and discussed in online forums such as discussion lists and IRC channels.
With the Cisco code, however, the culprits haven't released all thecode they claim to have stolen, and little information about the stolen code was available on the Internet yesterday.
The lack of information may mean that the criminals behind the theft are more interested in selling the stolen code than in receiving accolades from the malicious hacker community, Dunham said. "It seems like they're making a legitimate attempt to maintain control of the code and maybe try to make some money from it," he said.
- Path Selection Infographic Path Selection Infographic
- Hyperconvergence Infographic A wide range of observers agree that data centers are now entering an era of "hyperconvergence" that will raise network traffic levels faster...
- Preparing Your Infrastructure for the Hyperconvergence Era From cloud computing and virtualization to mobility and unified communications, an array of innovative technologies is transforming today's data centers.
- How WAN Optimization Helps Enterprises Reduce Costs If you wanted to break down innovation into a tidy equation, it might go something like this: Technology + Connectivity = Productivity. Productivity...
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Cybercrime and Hacking White Papers | Webcasts