Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Information-Security-News
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[ISN] Arrest made in Cisco source code theft

from [InfoSec News] Network Security [Permanent Link]
Subject: [ISN] Arrest made in Cisco source code theft
Date: Mon, 20 Sep 2004 04:12:48 -0500 (CDT) 
http://www.nwfusion.com/news/2004/0917arresmade.html

By Paul Roberts
IDG News Service
09/17/04

Police in the U.K. have arrested a man in connection with the theft of
source code from networking equipment maker Cisco in May, a Scotland
Yard spokeswoman confirmed Friday.

The Metropolitan Police Computer Crime Unit searched residences in
Manchester, U.K. and Darbyshire, U.K. on Sept. 3., confiscated
computer equipment and arrested a 20 year-old man suspected of
committing "hacking offenses" under that country's Computer Misuse Act
of 1990. While authorities could not discuss the specifics of the
case, the arrest was linked to the Cisco source code, according to
Julie Prinsep, a Yard spokeswoman.

The suspect has since been released on bail and is scheduled to appear
before authorities at a London police station again in November,
Prinsep said. Computer equipment seized in the searches is being
forensically examined, she said.

Cisco did not immediately respond to requests for comment.

The arrest marks a major breakthrough in the case, which involves the
posting of more than 800M bytes of source code from Cisco's
Internetwork Operating System (IOS) to a Russian Web site in May.

IOS is a proprietary operating system that runs on much of the
networking hardware that Cisco makes.

Malicious hackers made off with code for Versions 12.3 of IOS after
the thief compromised a Sun Microsystems Inc. server on Cisco's
network, then briefly posted a link to the source code files on a file
server belonging to the University of Utrecht in the Netherlands,
according to Alexander Antipov, a security expert at Positive
Technologies, a security consulting company in Moscow.

Antipov said he downloaded more than 15M bytes of the stolen code
after an individual using the online name "Franz" briefly posted a
link to a 3M-byte compressed version of the files in a private
Internet Relay Chat forum on in May.

The link provided was only available for approximately ten minutes and
pointed to a file on an FTP server, ftp://ftp.phys.uu.nl, which
belongs to the University of Utrecht in the Netherlands. That server
is open to the public for hosting files of files smaller than 5M
bytes, according to the University's Web page.

Antipov subsequently posted some of that code on a Russian security
Web site, www.securitylab.ru, to call attention to the reported theft,
but denied knowing Franz.

At the time, Cisco said it was working with the FBI to pursue the
hackers. The FBI was not able to comment on the arrest Friday.

The arrest in the Cisco theft follows other recent successes in
cybercrime cases. In June, the FBI announced arrests in the source
code theft for a much-anticipated version of the popular computer game
Half-Life from the network of game maker Valve.

In May, German police arrested men in connection with creating the
Sasser Internet worm and a Trojan horse program called Agobot. On
Sept. 9, prosecutors in Verden, Germany, indicted an 18-year-old
student in the Sasser worm case.



_________________________________________
Donate online for the Ron Santo Walk to Cure Diabetes - 
http://www.c4i.org/ethan.html
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [ISN] Arrest made in Cisco source code theft, InfoSec News <=
Previous by Date:  [ISN] Beckham computer arrest made, InfoSec News
Next by Date:  [ISN] Linux Security Week - September 20th 2004, InfoSec News
Previous by Thread:  [ISN] Beckham computer arrest made, InfoSec News
Next by Thread:  [ISN] Linux Security Week - September 20th 2004, InfoSec News
Indexes:  [Date] [Thread] [Top] [All Lists]