Cisco Probes Report Of Source-Code Theft

It's probing a report by a Russian Web site that the source code for IOS 12.3, its primary operating system, was stolen last week.

George V. Hulme, Contributor

May 17, 2004

1 Min Read
InformationWeek logo in a gray background | InformationWeek

Cisco Systems says it's investigating a report by SecurityLab, a Russian Web site, that the source code for its primary operating system was stolen last week.

In a statement E-mailed to InformationWeek on Monday, the networking-gear maker said it is "fully aware that a potential compromise of its proprietary information occurred and was reported on a public Web site just prior to the weekend. Cisco is fully investigating what happened."

The code reportedly leaked onto the Internet is Cisco's IOS 12.3, the most recent version of its network operating system which runs many of its routers and the hardware that supports the backbone of the Internet.

Security experts warn that if the report is true and Cisco's proprietary code has been made available on the Internet, hackers could comb through that code in search of potential security flaws. However, earlier this year, some code used in Microsoft's Windows NT and Windows 2000 operating system was leaked to the Internet and no major attacks can be attributed to that incident.

Cisco customers have been placed at risk due to a handful of security issues relating to Cisco's software in recent weeks. In mid-April, the company acknowledged a security flaw with its proprietary Lightweight Extensible Authentication Protocol and released a new version of that protocol which the company said eliminated the threat of attack.

Just weeks prior to that incident, a hacker attack tool, dubbed "Cisco Global Exploiter," surfaced on the Internet. The tool makes it possible for hackers to attack nearly a dozen security vulnerabilities found in various Cisco products.

About the Author

George V. Hulme

Contributor

An award winning writer and journalist, for more than 20 years George Hulme has written about business, technology, and IT security topics. He currently freelances for a wide range of publications, and is security blogger at InformationWeek.com.

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like


More Insights