The FBI said Swedish authorities had detained
a teenager accused of stealing Cisco source code, the
basic programming instructions responsible for directing global traffic
across the Internet.
The bureau also said it was continuing to work with Swedish police on
the case, as well as British authorities and law enforcement agents of
several other European countries, to determine if there were accomplices in the 2004 breach.
Neither Cisco nor the FBI would comment on whether the stolen
information had been used to launch attacks via the Internet, but a report
in The New York Times claimed the codes had been used in “broad and
long-lasting” attacks on high-security computer systems, including those of the U.S. military and NASA.
However, a spokesman for the FBI did say that the year-long
investigation had effectively put a stop to any illegal activity surrounding
the case.
“As a result of recent actions by law enforcement, the criminal activity
appears to have stopped,” he said.
As previously reported in April 2004 by internetnews.com, shortly after the breach a Russian security Web site reported that hackers broke into the switching and routing giant’s network and stole 800MB of source code for IOS 12.3 and 12.3t. Samples of the code were reportedly posted on an underground IRC channel as proof of the breach.
The Times report claims the attacks were detected by workers at several
research labs who saw that software on Cisco computer routers had been
compromised.
Cisco said it immediately enlisted the help of law enforcement agencies
after it discovered the break-in, which occurred prior to May 15, 2004.
“Throughout the investigation, Cisco cooperated fully with all law
enforcement agencies and will continue to work with them on this matter as
necessary,” the company said.
The FBI is uncertain whether the teen will be prosecuted
under U.S. law.
The company said they were aware of the arrest in Sweden in relation to
the IOS source code theft. Cisco IOS source code is both copyrighted and
protected as proprietary material.
“We will continue our development in innovative technologies in the area
of security and are committed to helping our customers protect their
networks,” Cisco said.