The calling in of the FBI indicates the seriousness of the theft of Cisco software source code, but local customers are taking it in their stride.
On May 15 a Russian internet security website reported that 800MB of code from Cisco’s IOS (Internetwork Operating System) had been stolen from the company’s corporate network and posted on the internet. Samples of the code were posted on the Russian site.
A spokesman from US security firm iDefense says that with access to the source code “hackers could compile and test it rigorously just like a developer and find new vulnerabilities or attack points”.
Initially there was speculation the incident may be a hoax, but when Cisco called in the FBI to investigate the matter it looked to be real. But local users appear calm.
“I don’t think we have any concerns. I’m not aware of any,” AUT IT manager Calum MacLeod says. “It’s hard to say what the implications are, but I haven’t heard of any problems to do with it yet.”
Another Cisco customer who did not want to be named says the issue “is no longer a worry” for the organisation he works for.
Cisco Asia-Pacific spokesman Terry Alberstein says the theft wasn’t a result of vulnerabilities in Cisco’s networking hardware or software.
“There are multiple ways to assert a security breach in a company’s network and [the leak] wasn’t enacted by a Cisco device. Any breach would have come through something other than Cisco’s products or services.”
He wouldn’t elaborate on what the means of breach may be and wouldn’t confirm the specifics of the FBI investigation.
Customers are being kept informed of the situation through an advisory on Cisco’s website, “but there are no immediate customer issues that need to be addressed”.
The FBI has refused to comment on the theft, beyond confirming it is working with Cisco. The iDefense spokesman noted the case was different from that of Microsoft source code leaked in February, which appeared on peer-to-peer networks and was swapped and discussed online.
He believes the thieves may be more interested in selling the code “than receiving accolades from the malicious hacker community”, a view echoed by the other local Cisco customer.
“I think this is [a case of] someone wanting to gain some personal advantage.”
A Russian security consultant, Alexander Antipov, told US magazine InfoWorld he believes the thief compromised a Sun server on Cisco’s corporate network.