FBI Investigates Stolen Source Code

Gretchen Gallen
SAN JOSE, Calif. – After reporting yesterday that a portion of its core software code had shown up on the Internet, Cisco Systems Inc., the maker of some of the core elements that direct computer traffic over the Internet, is now investigating whether the code was stolen.

A portion of the raw source code first showed up on a Russian security site, SecurityLab.ru, which claimed it had been submitted by an anonymous hacker.

After confirming that the source code was original proprietary material from its Internetworking Operating System, Cisco notified the FBI and began its own internal investigation into the matter.

According to an announcement by Cisco, the source code is part of the operating system that runs the Cisco-built hardware that makes the Internet work.

The 2.5 MB of code was first acquired by the Russian security company over an Internet Relay Chat channel by someone calling themselves "Franz," the FBI has reported. There is reason to believe that the hackers could be in possession of as much as 800MB of IOS software.

Kevin D. Mitnick, a former hacker, told the WashingtonPost.com that he has seen Cisco source code circulating over the Internet on many occasions. Mitnick was arrested by the FBI in 1995 for hacking into the federal government's website.

"I've been offered up Cisco source code three times in the last three years," he said. "Of course, I declined."

It is not yet clear what the ramifications of the alleged theft could be, although Cisco has downplayed the situation and denies that the source code falling into the wrong hands could pose any security threat to its network or the Internet.

However, some security experts disagree, saying that hackers who exploit security flaws in the software could end up causing a disruption to the Internet. There is also speculation that the hackers in possession of the code could be intending to sell it, rather than hacking further into the Cisco system.

"Cisco is aware that a potential compromise of its proprietary information occurred and was reported on a public website just prior to the weekend," the company said in a statement. "Cisco is fully investigating what happened."