Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

Symantec backtracks, admits own network hacked

Warns pcAnywhere users they face increased risk, confirms theft of source code of prominent consumer programs

Symantec has backed away from earlier statements regarding the theft of source code of some of its flagship security products, now admitting that its own network was compromised.

In a statement provided to the Reuters news service, the security software giant acknowledged that hackers had broken into its network when they stole source code of some of the company's software.

Previously, Symantec had denied that its own network had been breached, and instead pointed fingers at an unnamed "third party entity" as the attack's victim. Evidence posted by a hacker nicknamed "Yama Tough" -- a self-proclaimed member of a gang calling itself "Lords of Dharmaraja" -- indicated that the information was obtained from a server operated by the Indian government.

Two weeks ago, Symantec spokesman Cris Paden said that the hacker made off with source code of Symantec Endpoint Protection 11.0 and Symantec Antivirus 10.2, enterprise products between five and six years old.

At the time, Paden downplayed the seriousness of the theft.

Today, however, Paden said that source code of Norton Antivirus Corporate Edition, Norton Internet Security, Norton Utilities, Norton GoBack and pcAnywhere, had been stolen.

Some of those - Norton Internet Security and Norton Utilities - are among Symantec's most prominent consumer-grade products.

Symantec missed one bullet, however.

Last Saturday, Yama Tough promised to release more than a gigabyte of the source code for Norton Antivirus - the hacker did not specify which version - but he said the group has since reconsidered.

"We've decided not to release code to the public until we get full of it," Yama Tough wrote on Twitter Monday . "1st we'll own evrthn we can by 0din' the sym code & pour mayhem."

In the message, "0din'" likely stands for "zero-daying", meaning attacks launched against unpatched vulnerabilities.

Also on Monday, Yama Tough claimed that he had some or all of the source code for pcAnywhere, a multi-platform remote access suite that Symantec sells.

"PCAnywhere code is being released to blackhat community for 0d expltin!," said Yama Tough, again on Twitter .

Paden confirmed Yama Tough's claim when he told Reuters that pcAnywhere users face "a slightly increased security risk" because of the hacker's activities.

"Symantec is currently in the process of reaching out to our pcAnywhere customers to make them aware of the situation and to provide remediation steps to maintain the protection of their devices and information," Paden said.

Paden did not reply to Computerworld's requests for comment on Symantec's revised statement.

Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer , on Google+ or subscribe to Gregg's RSS feed . His e-mail address is gkeizer@computerworld.com .

See more articles by Gregg Keizer .

Read more about cybercrime and hacking in Computerworld's Cybercrime and Hacking Topic Center.

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: Apple, DX, etwork, Google, Microsoft, Norton, Reuters, Symantec, Topic
References show all

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the CIO comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: Cybercrime and Hacking, Malware and Vulnerabilities, Reuters, security, Security Hardware and Software, symantec
Latest Blog Posts
Whitepapers
  • SOA and Business Processes: Making the Connection
    Service-Oriented Architecture (SOA) is also complex, and one of its main characteristics is that an SOA system is comprised of multiple applications that are combined to accomplish critical business processes. Discussions of SOA can quickly grow so complex that the system’s main benefits to an organization are difficult to fully understand. This article discusses SOA Suite 11g, a family of products that take SOA to a new level and correct some of the problems caused by the very combination of components and multiplication of languages that make SOA a flexible, agile system.
    Learn more »
  • TestPro achieves visibility over software defect management - Reducing project risk and improving quality
    In delivering specialised software testing products and services, TestPro aims to add value to its clients by assisting them to deliver software projects at a higher quality with less risk. It saw significant opportunity to reduce effort and resources during the product development life cycle.TestPro uses IBM Rational Team Concert software to help achieve greater visibility and reduce effort involved in managing product builds and defects during application development, maintenance and enhancement projects. Read more.
    Learn more »
  • Top Reasons to Implement an SOA Governance Strategy: A List for IT Executives
    Service-oriented architecture (SOA) has moved beyond hype to widespread acceptance as an IT strategy for delivering business value. SOA promotes the notion of modularity, providing overwhelming flexibility and superior economics for addressing business demands. However, undertaking the transformation to SOA is not without its challenges. If left unchecked, your inventory of SOA assets will become unmanageable; the reuse of services will diminish in favor of custom development; or even worse, modifications will be made to your existing services that break other business processes. The purpose of SOA governance is to help you ensure that this does not happen. This paper outlines the most compelling reasons for you to establish SOA governance within your organization.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.