What Threat Is Posed by Stolen Cisco Code?

Opinion: The Source Code Club's offer to sell stolen source code for Cisco's PIX firewall might pose some security risks to Cisco's customers. But the real damage is more likely to be to Cisco's reputation and bottom line.

Once again, hackers are trying to sell what they purport to be the source code for Ciscos PIX firewall. But it isnt clear that theres any threat posed to customers by the code. In fact, the only people who might benefit from the code are Ciscos competitors.

The "Source Code Club" is offering to sell the PIX code for $24,000. But its not certain that anybody buying the code would be able to use it to find holes in the firewall software any more effectively than they could without it—unless they have significant software development and computing resources to examine the 37 MB of uncompiled code.

/zimages/4/28571.gifE-gold says it can track down the group that stole Ciscos code. Read about it here.

When some of the source code to Windows was stolen off a server at Mainsoft and released into the wild, many were concerned that it would mean hackers would quickly find new vulnerabilities in Windows and create "zero-day" exploits of the operating system—holes that Microsofts customers would have no prior warning of. Those concerns turned out to be unfounded. That was at least partially because of the age of the code (it was for Windows NT 4.0) and its incomplete nature, but it was also because most of what hackers could learn from the code couldnt be exploited to circumvent security.

The firewall code stolen from Cisco is apparently more complete and more current than the exposed Windows code. But the fact is that the biggest risk that the missing software poses is to Cisco itself—and a large portion of that risk surrounds this story continuing to appear in the news.

The code theft has become an embarrassment to Cisco, undermining the companys marketing message. After all, if their own network security products couldnt stop the theft of their intellectual property, how are they going to protect their customers? And the source code would be a boon to any would-be competitors seeking to develop a firewall product of their own—especially for overseas markets like China, where intellectual property rights border on theoretical.

Given the precedent set by SCO Groups litigation, open-source developers would likely avoid the Cisco code like the plague. Its still possible that the concepts and methods used within the PIX firewall source—or even chunks of the code itself--could find their way into some open source project. But at the current asking price, its unlikely anyone is going to risk receiving stolen goods just to give it away.

Even those with malicious intent beyond stealing Ciscos ideas will have a hard time getting any value out of the source--having the source code is not necessarily going to help hackers find new vulnerabilities in the PIX software. After all, if Cisco hasnt found them with the resources it dedicates to keeping the code bug free, it would take a good deal of deliberation over the code for someone else to find them.

Next Page: The worst-case scenario.