Wendy Only

A recent theft of Cisco Systems Inc,’s Internet Operating System sourcecode could have far reaching security implications for the entire Internet, since much of the backbone is formed using Cisco infrastructure. The FBI has been working with Cisco systems to trace the thieves after samples of the sourcecode appeared on a Russian Web site. The thief allegedly compromised a Sun Mircosystems server on Cisco’s network and then posted a link to the sourcecode files at an FTP site in the Netherlands. According to a Russian security firm, 800 MB of sourcecode from Cisco, which included developmental-version software, was stolen and posting on www,securitylab.ru, malicious hackers made off with code versions 12.3 of IOS after “breaking the Cisco corporate network.” Internet Operating System (IOS) is a proprietary operating system for routers and similar networking hardware made by Cisco.

The release of the Cisco IOS sourcecode came only months after someone illegally posted an incomplete version of Microsoft 2000 sourccode on the Internet. While Windows 2000 has been replaced by XP, it still shares some sourcecode with 2000. It’s uncertain what the motive behind either attack might be, but the data may make it easier to exploit vulnerabilities in the software.

Police in the U.K have arrested a 20-yearold man in connection with the case who is suspected of committing “hacking offenses” under the country’s Computer Misuse Act of 1990. The suspect has been released on bail, but computer equipment has been seized to discover forensic evidence. Police have not released further details since the investigation is ongoing.

It’s unclear what the ramifications are regarding the stolen sourecode, and whether a hacker may use it to exploit systems in the future. Normally, networking software can only be manipulated using a management terminal located inside the site. A hacker would likely require considerable knowledge of a network to make use of the sourcecode. It may be more of a PR problem for Cisco, since their current branding slogan describes a Self-Defending Networking and their image could be tarnished by such attacks on their network.

1.    What implications are there for Cisco if trade secrets were compromised in the hacker’s release of the sourcecode?

2.    How was the hacker able to breach the network defenses at Cisco?

3.    Have there been any network attacks using the stolen software since the hacker’s attack in 2004?