Hacker writes rootkit for Cisco's routers
- 1
- 2
- < previous
Cisco's suit was quickly settled, but Muniz and his employer clearly have Lynn's experience in mind as they ready for next week's conference. They declined to provide technical details on the presentation ahead of time. "We're still in the process of putting the whole presentation together, and we also need to work with Cisco before we talk to anybody," a Core spokesman said. "The big concern is making sure that everything is cool with Cisco."
Cisco declined to comment for this story.
Jennifer Granick, the Electronic Freedom Foundation lawyer who represented Lynn in 2005, said that Cisco could bring these trade-secret claims against Muniz, but because the technical community reacted so negatively to the 2005 lawsuit, she believes that this may not happen. "Cisco thinks of itself as really researcher-friendly," she said. "I think they will be very careful before filing legal action."
Still, the rootkit comes at a sensitive time for Cisco. Last week, the New York Times reported that the US Federal Bureau of Investigation considers the problem of fake Cisco gear a critical US infrastructure threat.
In late February the FBI culminated a two-year investigation by breaking up a counterfeit Cisco distribution network and seizing an estimated US$3.5 million worth of components manufactured in China. According to an FBI presentation on Operation Cisco Raider, fake Cisco routers, switches and cards were sold to the US Navy, the US Marine Corps., the US Air Force, the US Federal Aviation Administration, and even the FBI itself.
The US Department of Defense has expressed concerns that the lack of security in the microelectronics supply chain could threaten the country's defense systems, and the idea that an attacker could sneak a rootkit onto a counterfeit Cisco system has security experts worried.
Cisco routers are typically compromised by hackers who are able to guess their administrative passwords, said Johannes Ullrich, chief research officer with the SANS Institute. But there are few tools around to check these systems for signs of hacking. "How would you find out?" he said. "That's the big problem."
- 1
- 2
- < previous
Click here for case studies, whitepapers and other useful vendor content 
ARN Panel Sessions: Day 3The last of our panel sessions recorded live at CeBIT 2008. Today, the topic is storage. Data is growing at an enormous rate, so what does the future hold?
Weekly Tech News Update: 21st November 2008Yahoo's CEO says goodbye, Intel introduces a new processor, and robots run wild. All that news and more on this week's World Tech Update
Electronic voting in U.S. electionDoubts about voting machines are lingering in the minds of many Americans as they head to the polls.
When an IT disaster occurs, how handy it would be to push a button and start again as if nothing had happened.
Discover and learn more about CA XOSoft today.
PGP and Ponemon Institute Unveil Inaugural Australian Data Breach Study 2008 20 November, 2008 17:34:00
Symantec Cloud Services Transform Data Centre Operations Through Proactive Management 20 November, 2008 12:06:00
Verizon Business Offers Tips to Building a Successful Unified Communications and Collaboration Plan 20 November, 2008 12:04:00
NetApp Named 2008 Citrix Ready Solution of the Year by Citrix Systems 20 November, 2008 11:33:00
Extreme Networks Ethernet Transport lowers total cost of ownership for carrier metro networks 20 November, 2008 10:21:00
WebCentral boosts Security and Reliability with Windows Server 2008
WebCentral, Australia's largest web and application hosting company, relies on Microsoft Windows Server 2008 to deliver the security, manageability and reliability their customers require.
Buying Guides
