Cisco Probes Report Of Source-Code Theft
Posted by
George V. Hulme and InformationWeek
May 18, 2004
Cisco Systems says it's investigating a report by SecurityLab, a Russian Web site, that the source code for its primary operating system was stolen last week.
In a statement E-mailed to InformationWeek on Monday, the networking-gear maker said it is "fully aware that a potential compromise of its proprietary information occurred and was reported on a public Web site just prior to the weekend. Cisco is fully investigating what happened."
The code reportedly leaked onto the Internet is Cisco's IOS 12.3, the most recent version of its network operating system which runs many of its routers and the hardware that supports the backbone of the Internet.
Security experts warn that if the report is true and Cisco's proprietary code has been made available on the Internet, hackers could comb through that code in search of potential security flaws. However, earlier this year, some code used in Microsoft's Windows NT and Windows 2000 operating system was leaked to the Internet and no major attacks can be attributed to that incident.
Cisco customers have been placed at risk due to a handful of security issues relating to Cisco's software in recent weeks. In mid-April, the company acknowledged a security flaw with its proprietary Lightweight Extensible Authentication Protocol and released a new version of that protocol which the company said eliminated the threat of attack.
Page: 1 | 2 | Next Page »
