Careers & Certifications

04:38 PM
Connect Directly
RSS
E-Mail
50%
50%

How Dangerous Was The Cisco Code Theft?

Some say stolen Cisco Systems source code used in an attack on government and university systems is no longer a threat, but others disagree.

A recent hacker attack that compromised some of the crucial equipment powering the Internet has sparked a debate on whether the stolen Cisco Systems code used to penetrate the complex systems still poses a threat to the web.

Experts have argued for years whether software that has its source code freely distributed is more, or less, secure than proprietary applications. Code for the open-source Linux operating system, for example, is available to anyone, and many experts argue that makes it more secure than Microsoft's proprietary Windows.

"The availability of source code is a long discussed, unanswered question," said Art Manion, Internet security analyst at the CERT Coordination Center at Carnegie Mellon University, which provides incident response services to sites that have been attacked. "There are arguments for having source code available that, whether intentionally or by misappropriation, may allow someone to break into a system, or it could allow the good guys to find problems and fix them."

The debate was rekindled last week when The New York Times reported the arrest of a Swedish teenager suspected of boring into the critical aerospace and academic systems at NASA's Jet Propulsion Laboratory, the Patuxent River Naval Air Station, the White Sands Missile Range, the University of Minnesota, University of California at Berkeley, and other facilities.

The teenager allegedly used stolen source code from the operating system of Cisco routers to reach into the supercomputing network known as the TeraGrid. Once there, the suspect allegedly gained access to at least 50 systems throughout the Internet. The teen was arrested by the FBI and Swedish police, and later released to his parents.

Previous
1 of 4
Next
Comment  | 
Print  | 
More Insights
Cartoon
Slideshows
Audio Interviews
Archived Audio Interviews
Jeremy Schulman, founder of Schprockits, a network automation startup operating in stealth mode, joins us to explore whether networking professionals all need to learn programming in order to remain employed.
White Papers
Register for Network Computing Newsletters
Current Issue
Video
Twitter Feed