Koziol investigated a similar break-in at the University of California at Davis, where a hacker also used a publicly known vulnerability to compromise the school's systems. As in the Cisco incident, the hacker inserted a virus that recorded the password whenever someone logged into a university's server. The hacker then used the same password to break into another system. The technique works because people frequently use the same login information on different servers.
"He would find one chink in the armor," Koziol said. "If you have just one system or desktop vulnerable, they can really leverage their access to penetrate the organization."
A Cisco spokeswoman directed inquiries to a statement on the Cisco website that said in part, "Cisco IOS source code is both copyrighted and protected as proprietary material. It is illegal to post it, make it available to others, download it or use it. Cisco will take all appropriate legal actions to protect its intellectual property."
Nevertheless, large companies, even security-minded ones like Cisco, can often have trouble keeping all their intellectual property and potential loopholes buttoned up.
"The larger an organization, the harder it is to secure it, with so many sub-companies, external consultants, and former employees still keeping access with their accounts after they quit," said Van Hauser, president of The Hacker's Choice, a website devoted to investigating and analyzing security vulnerabilities. "You have so many systems to secure. It is therefore very hard to defend a company as complexity rises."
By combining resources and expertise, the AI-Enabled ICT Workforce Consortium will offer a blueprint for how industries can adapt to an AI-dominated future.
IT leaders should heed the guidance of cybersecurity insurance providers who think businesses should prioritize security education, incident preparedness, regular internal audits, and ongoing vulnerability scanning and patching.
There are many network courses that can address your present job's priorities and help you gain the needed skills to keep pace with industry changes and new technologies.
