Wednesday, January 18, 2012

Symantec Softpedals Indian Source Code Theft

Symantec is working to soften the revelation that a segment of its source code for Norton products was stolen in a security Relevant Products/Services breach. But is it enough to convince customers that Symantec is holding its security secrets tight to its chest?

An Indian hacking group is claiming that it got its hands on source code used in the Norton anti-virus program. Known as the Lords of Dharmaraja, the group is making threats to take the source code public, potentially giving a black eye to the security industry leader.

Yama Tough, a hacker in Mumbai, is serving as spokesman for the Lords of Dharmaraja. He claims the group obtained the source code from less-than-bulletproof Indian government servers.

Hackers Speak Out

"As of now we start sharing with all our brothers and followers information Relevant Products/Services from the Indian Military Intelligence servers, so far we have discovered within the Indian Spy Programme source codes of a dozen software Relevant Products/Services companies which have signed agreements with Indian TANCS programme and CBI," the group said in a statement on its Google+ page.

"Now we release confidential documentation we encountered of Symantec corporation and its Norton AntiVirus source code which we are going to publish later on, we are working out mirrors as of now since we experience extreme pressure and censorship from U.S. and India government agencies."

Symantec Answers Back

Cris Paden, a senior manager for Symantec's corporate communications, said the drama began on Wednesday. That's when a local chapter of Anonymous from India claimed in an online forum they possessed source code for Symantec's Norton Antivirus solutions.

"Symantec's Information Security team investigated the claims and found that instead they possessed documentation from 1999 describing how Norton Antivirus worked, but no source code was included. Hence, the claim was false," Paden said.

However, he added, on Thursday morning, the same chapter announced they possessed additional code. Based on the samples they provided to the same online forum, Symantec's Information Security team investigated and confirmed they did indeed have code; but that it was 4 and 5 years old and pertained to two enterprise Relevant Products/Services products, SEP 11, and SAV 10.2.

10 Million Updates Later

"While SAV 10.2 is still serviced by Symantec, it has been discontinued. SEP 11 has since evolved into SEP 12.0 and 12.1," Paden said. "This does not affect Symantec's Norton products for our consumer customers. Symantec's own network Relevant Products/Services was not breached, but rather that of a third-party entity."

Symantec recommends users keep their product version updated to ensure protection against any new threats that might materialize as a result of this incident.

"Another thing to bear in mind: In 2010 alone, we distributed 10 million updates to our products in response to new cyber threats. If you extrapolate to four and five years, you can get an idea of how much our products/solutions/and code has evolved over the following years," Paden said. "It doesn't minimize the situation, but it helps as far as a perspective on how old this code is."
 

Artikel yang Berkaitan

0 komentar:

Post a Comment