Cisco Source Code Reportedly Stolen

Updated: The FBI is investigating the possible theft of source code for Cisco's main networking device operating system.

The FBI confirmed Tuesday that it is working with Cisco Systems Inc. to investigate the possible theft of source code for Ciscos main networking device operating system.

FBI spokesman Paul Bresson said that the FBI is lending its "assistance" into the "possible" theft. "We are aware of it, and were working with [Cisco] to resolve whatever issues may exist," said Bresson, in Washington, D.C.

According to a Russian security Web site, criminal hackers broke into Cisco Systems corporate network last week and stole 800MB of source code for IOS 12.3 and 12.3t (an early deployment version of the operating system containing features not found in the vanilla 12.3 version). In addition, a 2.5MB sample of what is supposedly IOS code was released on an Internet Relay Chat channel as proof of the alleged theft.

"Cisco is aware that a potential compromise of its proprietary information occurred and was reported on a public website just prior to the weekend," said Cisco spokesman Robert Barlow. "Cisco is fully investigating what happened. As a matter of policy, we take security very seriously and we continue to take every measure to protect our intellectual property, employee and customer information."

IOS 12.3 is the newest main version of San Jose, Calif.-based Ciscos popular operating system. Its used across the companys networking line, including in home office routers (the 800 Series); those for branch offices (the 3700 Series); and those that comprise the Internet backbone (the 7000 Series). Other routers that use the operating system include the 1700, 2500, 2600 and 3600 Series.

This could represent a major security threat not just for Cisco users, but for the entire Internet. According to the DellOro Group, a market research firm that specializes in the networking and telecommunications industries, Cisco owns 62 percent of the core router market.

/zimages/4/28571.gifFor insights on security coverage around the Web, check out Security Center Editor Larry Seltzers Weblog.

With the proprietary source code in hand, criminal hackers could, in theory, create programs that could cause denial-of-service attacks in Cisco-based networks.

Barlow said Cisco would "continue to actively monitor the situation and will respond according to established process and procedures, should the need arise."

A previous major source code theft of parts of Microsofts NT 4.0 and Windows 2000 has not led to any security violations. However the alleged theft of the Cisco source code, since its both the most current edition and all of the code, has the potential to be more damaging.

Paula Musich and Margarita Manwelyan contributed to this story.

Editors Note: This story was updated to include comments from a Cisco spokesman and FBI spokesman Paul Bresson.

/zimages/4/28571.gifCheck out eWEEK.coms Security Center at for security news, views and analysis.

Be sure to add our security news feed to your RSS newsreader or My Yahoo page: