A group of Indian hackers recently broke into Symantec, the makers of the Norton cybersecurity software suite, and while the story rests on a salacious premise, embarrassment is probably the worst thing that could happen to the company. Symantec admitted late Thursday night -- cybersecurity guru Bruce Schneier can confidently say that the idea of hackers' exposing a software company's source code really isn't that big a deal. "Bad press is certainly Symantec's biggest worry right now," Schneier told The Atlantic Wire. "It'd be worse if Symantec leaked the credit card numbers of their users, but the source code is a pretty abstract problem."?
Related: Not All That Surprising: Malware Victims More Likely to Get Mugged
The press love to swarm around?stories like this. Especially given the explosion of high profile hacks from groups like Anonymous and LulzSec, it makes for sexy sounding copy. Take these Indian hackers: the Lords of Dharmaraja. The hackers uploaded a portion of the source code to Pastebin on Tuesday, and though it's since been taken down, the code and the message?can be accessed through Google's cache. And the threats they make! "As of now we start sharing with all our brothers and followers information from the Indian Militaty Intelligence servers [sic]," the Lords of Dharmaraja write, "so far we have discovered within the Indian Spy Programme source codes of a dozen software companies which have signed agreements with Indian TANCS programme and CBI." But as frightening as it is to talk about military intelligence servers and the Indian Spy Programme,, the only real risk of releasing that source code would be opening Symantec up to future hacks that could damage its business.
Related: Teens Hacking Their Friends's Twitter Accounts Is All the Rage
We just don't know until experts get to see the source code the hackers came up with. "The source code might have huge smoking guns," Schneier explained, adding that "the bad guys" will certainly look through the code for vulnerabilities and potentially exploit them. And the revelations could be anything. "Who knows, right? there could be stuff that's really embarrassing."?Perhaps Symantec is working with the National Security Agency on some top secret government projects, Schneier suggested. Leaking that secret could be really bad! We have no reason to suspect that to be true, though.?Though it does appear that the hackers acquired some documents about Symantec working with Indian spies, we'll have to wait and see if this will matter.
Related: The Virus Infecting the U.S. Drone Fleet Came from Mafia Wars
The experts at fellow cybersecurity firm Sophos provided a similarly sober read of the whole scandal situation. (It's probably going overboard to call it a scandal right now.) At Sophos's blog Naked Security Graham Culley said we ought to just feel bad for Symantec?:
It's hard not to feel sympathy for Symantec - who appear to have been caught in the crossfire between a hacking gang and the Indian authorities.?Although Symantec customers may not be at risk, it's easy to see how the software company will feel bruised by the publicity that the Lords of Dharmaraja have generated through their hack.As Culley's tone suggests, Symantec's competitors aren't attempting to use this breach as a competitive advangage so far. Schneier told us that if another cybersecurity like McAfee even tried, it would only make them look bad for inflating the issue. The real worst case scenario, he said: trash-talking in the boardroom. "I'm sure all competitors will go to their meetings today," Schneier concluded. "And say, 'Look at Symantec. Look at how dumb they are.'"
Related: Spies Want to Go Open-Source to Stop the Next WikiLeaks
Some of these hacks do end up mattering. But from what we know so far, this isn't one of them.
patti labelle the weeknd the weeknd payroll tax payroll tax aisha khan alanis morissette
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.