Slashdot Mirror

← Back to Stories (view on slashdot.org)

Cisco Confirms Arrest In Theft Of Its Code

Posted by Zonk on from the crackdown-on-black-hats dept.

spafbnerf writes "Informationweek is reporting on Cisco Systems' confirmation of an arrest in connection with the theft of its IOS 12.3 source code last year. On Tuesday, The New York Times reported that federal officials and security experts have acknowledged that the theft of the Cisco source code was part of a wider pattern of thousands of attacks on military and research computers perpetrated by an unknown number of individuals." From the article: "The FBI fully recognizes the inherent sophistication and global nature of intrusion investigations...As such, we have worked hard to develop strong partnerships within the international law-enforcement community. In this case, we have been working closely with our international partners to include Sweden, Great Britain, and others. As a result of recent actions, the criminal activity appears to have stopped."

33 of 113 comments (clear)

  1. I can confirm this by kote-men-do · · Score: 3, Funny

    The parents of the teenager in question have taken all his pokémon games.

  2. do they believe it themselves? by nietsch · · Score: 5, Interesting
    As a result of recent actions, the criminal activity appears to have stopped.


    I read that as: "As a result, the criminals have realised they were being watched and have cleaned up their act, and have made sure they are not noticed by 'them' anymore.

    Now on to the FA.
    --
    This space is intentionally staring blankly at you
    1. Re:do they believe it themselves? by DarthVain · · Score: 3, Insightful

      "As a result of recent actions, the criminal activity appears to have stopped."

      I read that as: "As a result, the criminals have already gotten all the code they were looking for, and now have moved on. This is why there doesn't appear to be any more activity."

  3. Appears to have stopped - for now! by PacketScan · · Score: 4, Insightful

    They. Who ever they are, will be back if indeed it's more than a few people. When it comes down to it nothing is secure. There is always going to be a way for the smart/crafty to cercumvent anything put in place.
    Then again we could just write rock solid code. but that apparently is cost prohibitive.

  4. Over-confident by dbleoslow · · Score: 5, Funny

    "As a result of recent actions, the criminal activity appears to have stopped."

    Thanks to the bear patrol recently put in place in my neighborhood, all bear-related activity appears to have stopped.

    1. Re:Over-confident by NekkidBob · · Score: 5, Funny

      I wish to buy your tiger repelling rock...

  5. "appears to have stopped"... by SharpFang · · Score: 3, Funny

    lol omfg idiots bought it!!!
    Yeah. Stay put for 2 months more. And just in case you have something urgent, tunnel through Luser832, I have planted enough "evidence" on his PC to keep him in prison for 50 years.

    --
    45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B2
  6. Too bad... by daveschroeder · · Score: 2, Funny

    Maybe the thief could have made IOS more stable and secure. I'm beginning to think anyone could do a better job...

    1. Re:Too bad... by 1evilmonkey · · Score: 3, Funny

      Thats why I have a Linksys wifi router. It works as good as everything else and has the nifty little cisco brand on it to make it look expensive and impressive.

      --
      crap
    2. Re:Too bad... by EvilTwinSkippy · · Score: 4, Funny
      I have found Cisco routers to be remarkably stable.

      We have a 7100 series that I use as a step-ladder to access stuff on a top shelf. It has never teetered or shifted.

      --
      "Learning is not compulsory... neither is survival."
      --Dr.W.Edwards Deming
  7. If you're gonna get "nicked" by Cisco... by pandrijeczko · · Score: 2, Funny

    ...at least walk out with a 6500 router under your coat that you can flog on Ebay!

    --
    Gentoo Linux - another day, another USE flag.
    1. Re:If you're gonna get "nicked" by Cisco... by CrankyFool · · Score: 3, Funny

      That's a horrible idea, and I wish slashdot would stop advocating these sorts of measures.

      When was the last time you tried lifting a 6500, let alone walking with it under your coat? Only do this if you manage to drive out with a 6500 router AND Chambers' Porsche*.

      *No, I don't know what he drives. Artistic license.

    2. Re:If you're gonna get "nicked" by Cisco... by Des+Herriott · · Score: 2, Funny

      That'd be an achievement, given that a 6500 is a switch.

    3. Re:If you're gonna get "nicked" by Cisco... by pandrijeczko · · Score: 2, Funny
      In a penal establishment somewhere...

      "Moi name's Slasher, I'm doin' time for armed robbery. This 'ere's Pistols, 'e killed his parents. Whas yer name, sonny, and whachoo in 'ere for?"

      "I am being Hans, I am Svedish, I took code from Cisco."

      "Well, 'Ans, drop yer trousers, grab yer ankles and let's see where yoov 'idden it then.."

      --
      Gentoo Linux - another day, another USE flag.
  8. Theft? by Anonymous Coward · · Score: 4, Funny

    More like "liberation".

    Information wants to be free.

  9. Appearances are deceiving by digitaldc · · Score: 3, Funny

    "As a result of recent actions, the criminal activity appears to have stopped."

    Wow, that statement really made me feel better.

    --
    He who knows best knows how little he knows. - Thomas Jefferson
  10. Someone Better Talk to Bush by geomon · · Score: 2, Insightful

    As such, we have worked hard to develop strong partnerships within the international law-enforcement community.

    Had Bush known that this was occurring, he would have stepped in and stopped this attack on US sovereignty.

    We all know that the US will always choose the unilateralist role in defeating enemies of the State.

    (chill... It is a joke.)

    --
    "Rocky Rococo, at your cervix!"
  11. In other news by markov_chain · · Score: 2, Funny

    Eurasia is now at peace with Oceania, and the harvests of grain improved 20% compared to last year ;)

    --
    Tsunami -- You can't bring a good wave down!
  12. Phew! by Dirtside · · Score: 4, Funny

    Thank goodness Cisco finally got its source code back! Now the source code is safe and sound, never to be seen again by anyone outside Cisco.

    --
    "Destroy science and religion. Science would re-emerge exactly the same; but not religion." - Penn Jillette, paraphrased
    1. Re:Phew! by noidentity · · Score: 2, Insightful

      Thank goodness Cisco finally got its source code back! Now the source code is safe and sound, never to be seen again by anyone outside Cisco.

      At least they can continue development on it. It must have been costly to have to put development on hold while the source code was missing.

      Or maybe the code wasn't stolen, rather copied.

  13. torrent? by Anonymous Coward · · Score: 2, Funny

    Anyone got a torrent?

  14. Damn I was wrong! by Evil+W1zard · · Score: 2, Funny

    You mean it wasn't Habib Marwan and his terrorist cell that stole the IOS code to reverse engineer it into a software chipset that could be used to simultaneously override a nuclear powerplant and a nuclear warhead! Man I was way off.

    --
    News Reporters Make Tasty Polar Bear Treats!
  15. Re:Light on evidence? by EvilTwinSkippy · · Score: 2, Insightful
    The fact that every report says "since the arrest, the intrusions have stopped" ought to tell us something...

    Mainly that the folks who are behind the break ins read the same news articles we do.

    --
    "Learning is not compulsory... neither is survival."
    --Dr.W.Edwards Deming
  16. The suspect by LarsWestergren · · Score: 4, Funny

    The suspect is a 16 year old boy from Uppsala, Sweden, my hometown. I bet he doesn't feel as clever now as he used to. :-)

    I look forward to Maureen O'Gara's next scoop though: "He came from Uppsala, the headquarter of famous open source company mySQL AB! Also the place where Vikings once slaughtered Christians in pagan rituals! All a coincidence? I think not!!"

    --

    Being bitter is drinking poison and hoping someone else will die

  17. Must be nice to have such confidence by PenguinBoyDave · · Score: 3, Funny

    Since I bitch-slapped a hacker trying to break into my system I have not seen another one trying. All that activity must have stopped as well. Wow...I suddenly feel all is right with the world

    --
    I'm not a troll, but I play one on Slashdot.
    1. Re:Must be nice to have such confidence by EvilTwinSkippy · · Score: 4, Funny

      RFC37337 - Corporal Punishment over UDP

      --
      "Learning is not compulsory... neither is survival."
      --Dr.W.Edwards Deming
  18. Firewall? by nogginthenog · · Score: 5, Funny

    Looks like they could do with a decent firewall to keep out intruders. Can anyone recommend a good one?

    1. Re:Firewall? by Anonymous Coward · · Score: 2, Funny

      I hear Cisco is pretty good....

      Oh Wait...

  19. Re:Light on evidence? by Veinor · · Score: 3, Insightful

    Or maybe they're not really bothering to verify it, but instead quoting each other, since if one of them says it, it must be true!

  20. Decentralized Networking... by Anonymous Coward · · Score: 4, Insightful

    The more and more I hear about these types of hacks, attacks, and thefts, it makes me wonder why many big companies still choose to remain 'online.'

    We all know that the internet can be a very dangerous place, so why would any company in their right mind choose to have computers with potentially sensitive source code or database information remaining on a publicly facing network?!

    Very few machines in a given development or database office should have Internet access, and these machines should not be directly connected to the rest of the company. The reason you spend all of that cash on networking equipment is for private closed intranets, it's not to get you online!

    Plugging into the internet is just like going public, no matter how many basements with feline guards at the doors you have in place, you can never be 100% secure.

  21. Don't they WANT it secure? by mreed911 · · Score: 5, Interesting
    From TFA: "The stolen code was a portion of Cisco's Internetworking Operating System version 12.3. The incident has been a matter of concern because malicious hackers might find flaws in the code that could be exploited to impair the functioning of Cisco's routers."

    Translation: We don't have time to QA this code, so we'd rather not have anyone do it themselves, either, then hack us with the holes we neglected to look for in the first place.

    Ugh. Sometimes I wonder if there ought to be an open-source REQUIREMENT in RFP's to vendors. Hell, code availability has HELPED Linksys (who's also Cisco!) - folks have "hacked" it to make it MORE robust, but you don't see any greater number of "hacks" for Linksys products than you do for anyone else...

    Maybe Cisco ought to focus on the security BASICS (it's still easiest to get into some else's network because they never changed the default password than it is to script-kid some mutated hack into working) rather than worrying that "outsiders" might actually harden their products FOR them...

    1. Re:Don't they WANT it secure? by Anonymous Coward · · Score: 2, Interesting

      Do you have any idea what it's like to maintain a codebase for something as enormous and complex as IOS?

      I'm really growing tired of people blindly presenting the position that EVERYTHING would be better open-source.

      Look at the number of security vulnerabilities over the last 5 years for the Linux kernel. Now look at the vulnerabilities over the same 5 years for Cisco IOS.

      Simply having something opensource does not imply that the end result will be more secure. And the prospect of having something like IOS being audited by criminals (at least intelligent ones) is almost a guarantee that at some point large chunks of the Internet will go down. That's not a chicken little attitude - it's just reality.

      Also for what it's worth, as someone who worked on this particular case, it *is* a huge relief that "the criminal activity has stopped". In case you didn't know, this particular 'kid' and his friends had upwards of 100,000 accounts across every major university, government lab, company, and military branch you can think of. A certain super-computing facility was one of the earliest compromised networks and password collectors ensured that these attackers got accounts all over the world.

      And for the love of God, don't even think of playing the "well they deserved it because they weren't secure" card. That's one of the biggest screwball concepts I've ever heard of, and my typical response is that with that logic it would be fine that if you just *once* forgot to lock the door to your home, that I would then have every 'right' to go into your home, trash it, and burn it to the ground. Or even better - you *do* lock your doors, but some clever thief got his hands on the plans for your particular Schlage lock and picks it. Does that make you or Schlage incompetent idiots? No.

      It's an arms race, people. Nobody is going to win, but don't belittle the people who put their life's work into trying to at least slow down the bad guys just so you can have an Internet around to read slashdot and post what you perceive to be extremely cogent arguments on something you don't know the first thing about.

  22. Yes: and that's why they arrested the boy by Anonymous Coward · · Score: 2, Interesting

    From TFA: "The stolen code was a portion of Cisco's Internetworking Operating System version 12.3. The incident has been a matter of concern because malicious hackers might find flaws in the code that could be exploited to impair the functioning of Cisco's routers."

    Translation: We don't have time to QA this code, so we'd rather not have anyone do it themselves, either, then hack us with the holes we neglected to look for in the first place.

    Well, if security isn't a concern in our daily lives; why should computers be somehow different?

    If someone steals a master key from GM, he goes to jail; he isn't charge just with petty theft, even if he doesn't attempt to use the key himself. The authorities (police and lawmakers) don't want that kind of information (how to make a master key) getting out. They don't blame GM for having a common exploit available in a large range of vehicles: they blame the guy who tried to obtain the forbidden knowledge.

    Similarly, they arrested a boy who gained forbidden knowledge that could be used to damage Cisco routers, if those routers aren't secure. Cisco is not held liable for any insecurities in their routers: and this is consistant with legal tradition.

    The fact is, cars are not secure, and GM isn't expected to accept liability for that. They're stolen every day, and the existance of master keys doesn't help much. Even without that, there are many are well-known classes of attacks by which thieves can compromise vehicle security.

    There's the "smashed windshield" attack, the "lockpick" attack, the "hotwire the engine" attack and many others. Tactics range from "social engineering" tricks (like lying to the valet to get the keys) to sheer brute force methods (such as clubbing the driver over the head, and stealing his car).

    The automotive industry hasn't dealt with this problem by manufacturing significantly more secure vehicles. Instead, it relies upon the police to enforce the laws against people who would take advantage of these exploits.

    Similar attitudes are seen in the housing industries (most windows aren't made of bulletproof glass), and in fact, in most industries where security is a concern. Security is expensive: and we're already paying for a police force to ensure that criminals aren't lurking about. [1]

    Within the computer industry, some programmers seem shocked that security is a low concern: and yet, they go home to places with breakable glass in the windows. There's an exploit for that, too: it's called a "flying brick attack", and it's nastier than your average DDOS...

    In short, they arrested the boy, because it's consistant with what the laws say, and with what the police do. If you want to change that, talk to your local politicans...
    --
    AC

    [1] I didn't say it was working... just that the concept was there...