Wednesday, June 23, 2021

Cisco Investigating Stolen Source Code

Cisco’s big push into the corporate security space took a big hit over the weekend when hackers broke into its corporate network and stole chunks of the source code for the popular IOS operating system.

Cisco spokesman Jim Brady confirmed the launch of an investigation into the network breach but declined details on what was stolen. “Cisco is aware that a potential compromise of its proprietary information occurred…Based on preliminary data, we don’t believe any confidential customer information or financial systems were affected,” he told internetnews.com

The Cisco response came after a Russian security Web site reported that hackers broke into the switching and routing giant’s network and stole 800MB of source code for IOS 12.3 and 12.3t. Samples of the code were reportedly posted on an underground IRC channel as proof of the breach.

The IOS
12.3
operating system powers Cisco’s networking product suite, including routers used in homes, small businesses and the 7000 series that comprise the Internet backbone.

The company declined comment on the specifics of the breach until its security unit completes an investigation. “It appears that this occurrence was not the result of any exploitation or a vulnerability of any product or service offered by Cisco,” Brady said. “[We do not believe] it was the result of any malicious action by any Cisco employee or contractor.”

Asked if news of the breach could put a damper on the company’s well-documented integrated security push, Brady made it clear the network hack was not the result of a software or product flaw.

Still, it comes at a crucial time for the San Jose, Calif.-based firm which dominates the market for network and switching equipment. In recent months, Cisco has been on a shopping
spree
for companies in the security business, scoring deals to acquire Riverhead Networks and Twingo Systems.

The company also rolled out a new “self-defending network” strategy that included the launch of security hardware and software.

Now, with portions of its latest IOS source code in the hands of malicious hackers, there is a legitimate fear that exploits could surface to attack Cisco products.

Cisco is not the only big-name software firm that has dealt with leaked source code this year. In February, portions of code for Microsoft’s Windows 2000 and NT operating systems were illegally posted on the Internet.

Similar articles

Latest Articles

3 AI Implementations That...

I was on a joint educational call for the World Talent Economic Economic forum on mobile computing this week. We drifted to topics that...

Survey of Site Reliability...

NEW YORK — Site reliability engineers (SREs) are warning of a looming scalability ceiling and saying the adoption of AIOps isn’t happening at a...

Druva Integrates sfApex to...

SUNNYVALE, Calif. — A maker of software for cloud data protection and management is helping companies safeguard essential customer data that their sales and...

Best Data Science Tools...

Data science has transformed our world. The ability to extract insights from enormous sets of structured and unstructured data has revolutionized numerous fields —...