No Restraint at Black Hat

Network equipment giant Cisco and Internet Security
Systems (ISS) jointly filed a restraining order Wednesday against the management
of the Black Hat Conference and a security expert who gave a presentation
claiming attackers can compromise Cisco routers.

The presentation on flaws in Cisco’s router software was initially
scrapped earlier in the week after Cisco and ISS reached an agreement. Angela Frechette, an ISS spokeswoman, said both companies had decided not
to move forward with the information until more research was done.

However, Michael Lynn, the former lead researcher for ISS, ignored legal
threats and efforts from both companies to remove his presentation from the
conference program, and went ahead and warned convention goers that it was
possible to run malicious programs on Cisco routers.

He resigned his post before making the presentation.

“Cisco believes the information that Mr. Lynn presented at the Black Hat
Conference yesterday contains Cisco intellectual property and was illegally
obtained,” John Noh, a Cisco spokesman, said.

Although the information had already been presented by Lynn, Noh said,
the companies filed a motion in the U.S. District Court for the Northern
District of California seeking to stop Lynn and Black Hat from continuing to
disclose Cisco’s “proprietary information.”

“We are asking the district court to enjoin them from further
disseminating information we feel was illegally obtained,” he said. “We don’t
want them to further discuss it.”

Earlier in the week, Cisco representatives ripped out 10 pages of the
presentation from conference handbooks after an agreement between the
companies that would have allowed Lynn to deliver a backup speech.

However, Lynn moved forward with his original plan, delivering a speech
describing how hackers can exploit Cisco the Internet Operating System
(IOS).

Last year hackers broke into Cisco’s corporate network and stole some of the source code for the
popular IOS operating system.

News Around the Web