Homepage

News > Technology
    SAVE   |   EMAIL   |   PRINT   |   RSS  
Breach that hit Cisco wider than thought
Thousands of computers penetrated by attack that stole, posted software from Cisco network.
May 10, 2005: 1:57 PM EDT

NEW YORK (CNN/Money) - The theft of software from a Cisco Systems network last year was only part of a series of widespread attacks that breached thousands of computer systems, federal officials and security investigators now say.

The FBI confirmed that investigators now believe the attacks involved systems serving the American military, NASA and research laboratories.

Software on routers and computers that control the Internet were compromised last year by a hacker, perhaps a youth in Sweden, who has been charged as a juvenile, the agency said.

The FBI said it is unclear to U.S. authorities what, if anything, can be done to prosecute the youth for violating U.S. laws.

"We have not received any formal request from (U.S. authorities) to question or apprehend the 16-year-old," Uppsala police spokesman Christer Nordstrom said. "But I can confirm that there has been an exchange of information with the FBI."

"We are aware that a person has been detained in Sweden related to the IOS source code theft and are encouraged by this action," the San Jose, California, company said in a statement.

The New York Times, which first reported the expanded breadth of the attacks Tuesday, said the youth did not devise a new kind of attack but cleverly organized computers, perhaps with a small band of other hackers, to automate the theft of computer log-ins and passwords.

The paper reported that security specialists at U.S. supercomputer laboratories, looking into intrusions there, discovered a year ago that passwords to Cisco's computers were compromised.

While they notified Cisco (Research), some of the company's software was stolen before officials could respond. Soon after that theft, a portion of the Cisco programming instructions appeared on a Russian Web site.

Cisco moved to shore up its security, but portions of its software code were published on an Internet site in Russia, the Times reported.

Swedish police have declined to say whether their investigation of a 16-year-old boy is related to the May 2004 incident that exposed the inner workings of Cisco's Internetworking Operating System, or IOS.

The paper also said that sophisticated users could potentially use that software to compromise security on routers used to link computers of Cisco customers.

But the paper said there is not yet evidence that such a compromise has occurred, and the company told the paper, "Cisco believes that the improper publication of this information does not create increased risk to customers' networks."

Source code, the underlying blueprint of computer software, determines how programs work. Companies like Microsoft Corp. (Research) zealously guard their source code because they consider it the lifeblood of their business.

The New York Times reported that the Cisco theft was part of a broader hacking campaign that targeted computer systems run by U.S. universities and government agencies.

Several supercomputer labs in April 2004 reported that computers connected to the high-speed TeraGrid network had been breached.

A spokeswoman for the White Sands Missile Range in New Mexico confirmed that the facility had experienced an intrusion around the time that Cisco reported its breach, but said no sensitive information was obtained.

"Basically, they got into some local weather forecasts," spokeswoman Monte Marlin said.

The FBI said in a statement it had been working with authorities in Sweden and Great Britain to track down the culprit. "As a result of recent actions, the criminal activity appears to have stopped," it said.

Authorities in Great Britain arrested a 20-year-old man last September in connection with the Cisco hacking, but no charges have been filed.

Worried about computer security and identity theft? Click here.  Top of page

graphic


YOUR E-MAIL ALERTS
Computer Security
Computer Software
Hackers
Cisco
Manage alerts | What is this?