Thousands of machines were penetrated just like those on Cisco’s network, investigators are finding out a year later.
Cisco occupies rarefied space in the technology world, a name instantly recognized even by many laypersons. Its networking hardware and software help connect millions of people to the Internet.
When an attacker compromised Cisco’s networks last year, alarming as it was, the company quickly patched security holes in its Internetworking Operating System (IOS). The patches went out to Cisco’s numerous other customers as well, and that seemed to be the end of the story.
Now, it appears Cisco wasn’t the only target of the attack. Federal and private computer security investigators have found out a year later that thousands of machines may have been penetrated in a similar matter.
The attacks went after computers on university networks, on military networks, and on NASA and other research labs. Many attacks have probably gone undiscovered.
While current investigations focus on a single suspect in Sweden, law enforcement believes more people may have been involved, and the probe will continue as they gather more evidence.
The suspect, a 16 year old, has been charged with breaking into university computers in his hometown. Attacks against machines in America were traced back to the university in Uppsala, Sweden.
Cisco suffered the theft of source code to its IOS. Portions of the code appeared online, where anyone with sufficient sophistication could make use of it for criminal purposes.
No instances of this possible misuse have been reported, and Cisco told the New York Times, “Cisco believes that the improper publication of this information does not create increased risk to customers’ networks.”
David Utter is a staff writer for Murdok covering technology and business. Email him here.
