Friday | 10 July, 2009
CSO
Hacker writes rootkit for Cisco's routers
A hacker has written rootkit software that works on Cisco's routers.
Robert McMillan (IDG News Service) 15/05/2008 07:07:51
Page:

Cisco's suit was quickly settled, but Muniz and his employer clearly have Lynn's experience in mind as they ready for next week's conference. They declined to provide technical details on the presentation ahead of time. "We're still in the process of putting the whole presentation together, and we also need to work with Cisco before we talk to anybody," a Core spokesman said. "The big concern is making sure that everything is cool with Cisco."

Cisco declined to comment for this story.

Jennifer Granick, the Electronic Freedom Foundation lawyer who represented Lynn in 2005, said that Cisco could bring these trade-secret claims against Muniz, but because the technical community reacted so negatively to the 2005 lawsuit, she believes that this may not happen. "Cisco thinks of itself as really researcher-friendly," she said. "I think they will be very careful before filing legal action."

Still, the rootkit comes at a sensitive time for Cisco. Last week, the New York Times reported that the US Federal Bureau of Investigation considers the problem of fake Cisco gear a critical US infrastructure threat.

In late February the FBI culminated a two-year investigation by breaking up a counterfeit Cisco distribution network and seizing an estimated US$3.5 million worth of components manufactured in China. According to an FBI presentation on Operation Cisco Raider, fake Cisco routers, switches and cards were sold to the US Navy, the US Marine Corps., the US Air Force, the US Federal Aviation Administration, and even the FBI itself.

The US Department of Defense has expressed concerns that the lack of security in the microelectronics supply chain could threaten the country's defense systems, and the idea that an attacker could sneak a rootkit onto a counterfeit Cisco system has security experts worried.

Cisco routers are typically compromised by hackers who are able to guess their administrative passwords, said Johannes Ullrich, chief research officer with the SANS Institute. But there are few tools around to check these systems for signs of hacking. "How would you find out?" he said. "That's the big problem."

Page:
More about Core Security Technologies, US Federal Bureau of Investigation, BMG, EMC, Cisco, Cisco Systems, FBI, Federal Aviation Administration, Federal Bureau of Investigation, The SANS Institute, Microsoft, SANS Institute, IDC, Sony

Comments

Post new comment

Login or register to link comments to your user profile, or you may also post a comment without being logged in.
The content of this field is kept private and will not be shown publicly.
Enter the fully qualified URL, eg. http://www.example.com/
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

More information about formatting options

Add to Google
Additional Resources
Newsletter Subscription
Sign up for our CSO Online newsletters!
RSS Feeds
Syndicate content
 
Get a job Careerone
Whitepaper


Read Whitepaper

The business justification for data security

In the information security world we face two major types of threats: "noisy" threats which directly interfere with our ability to do business and "quiet" threats which cause real damage, but don't necessarily prevent people from doing their jobs. Read on to discover how to combat both types of threats and to justify the use of data security within your business.

Sponsored Links