Newsletters
Technology, Discovery & Innovation NewsFactor Sites:       NewsFactor.com     Enterprise Security Today     CRM Daily     Business Report     Sci-Tech Today  
   
This ad will display for the next 20 seconds. Click for more information, or
Home Computing Digital Life Discovery Space More Topics...
Computing
Average Rating:
Rate this article:  
Symantec $50,000 Sting Fails To Turn Out Hackers
Symantec $50,000 Sting Fails To Turn Out Hackers

By Jennifer LeClaire
February 7, 2012 11:24AM

Bookmark and Share
Lords of Dharmaraja already embarrassed Symantec in late January. Symantec disclosed that the source-code theft appeared to be the result of a security breach that occurred in 2006. In order to avoid man-in-the-middle attacks, Symantec suggested clients stop using pcAnwhere until a security patch was ready.
 



Call it an attempted sting. A group of hackers claimed to possess source code for Symantec's pcAnywhere and Norton Antivirus software -- and wanted $50,000 in exchange for not leaking the code.

What the hackers didn't know was that it wasn't Symantec they were negotiating with in the e-mail exchange. Law enforcement officials acting as a Symantec employee were on the other side of the virtual communication.

The drama began in early January. That's when Symantec revealed that a segment of its source code for Norton products was stolen in a security breach. An Indian hacking group called Lords of Dharmaraja claimed it got its hands on source code used in the Norton anti-virus program. The group later claimed affiliation with the "hacktivist" group Anonymous.

Reactive Security

The lengthy e-mail exchange began Jan. 18, but in the end apparently no money changed hands and no arrests were made.

Reuters obtained some of the e-mails from the hacker group. One, from a fake Symantec employee "Sam Thomas," read: "We can't pay you $50,000 at once for the reasons we discussed previously. In exchange, you will make a public statement on behalf of your group that you lied about the hack."

But the hackers turned the tables on Symantec. YamaTough, a hacker affiliated with Lords of Dharmaraja, told Reuters, "We tricked them into offering us a bribe so we could humiliate them."

Lords of Dharmaraja already embarrassed Symantec in late January. The theft led Symantec to advise customers using pcAnywhere to disable the software. Symantec disclosed that the source-code theft appeared to be the result of a security breach that occurred in 2006. In order to avoid man-in-the-middle attacks, Symantec suggested clients stop using the software until a patch was ready.

Charles King, principal analyst at Pund-IT, called the Symantec drama an "ugly little story on every level." He said he expected to see more stories like this as hackers become increasingly sophisticated. As he sees it, even security companies are being forced to behave in a reactive rather than proactive manner.

Remembering RSA

Case in point: RSA. RSA's SecureID tokens were hacked last March. Hackers attacked RSA servers and walked off with data they could use to compromise the security of two-factor authentication tokens that 40 million people used to access secure government and corporate networks.

Then it got worse. On June 2, RSA confirmed that data stolen from the company in March was used in an attempted attack on Lockheed Martin, a major U.S. government defense contractor. Lockheed reportedly thwarted the attack.

King said such attacks on security firms brought to mind Willie Sutton, a prolific U.S. bank robber who robbed about 100 banks from the late 1920s until his final capture in 1952. Once, when he was caught, someone asked him why he robbed banks. "That's where the money is," he replied.

"If you are a hacker and you want the crown jewels -- if security is an issue you are trying to dance around -- you hack the security company, because that's where the information is," King said.
 

Tell Us What You Think
Comment:

Name:



Salesforce.com is the market and technology leader in Software-as-a-Service. Its award-winning CRM solution helps 82,400 customers worldwide manage and share business information over the Internet. Experience CRM success. Click here for a FREE 30-day trial.


 Computing
1.   Can One Size Windows OS Fit All?
2.   Wall Street Journal Hacked Again
3.   Dropbox for Business Boosts Security
4.   New Technology Defeats Privacy Efforts
5.   Design Central to Microsoft Future


advertisement
Backlash Stirs Against H-1B Visas
Debate over foreign workers continues.
Average Rating:
Amazon Intros Zocalo Storage Service
Online storage and sharing for business.
Average Rating:
Design Central to Microsoft Future
New ethos a break from functional past.
Average Rating:


advertisement
Product Information and Resources for Technology You Can Use To Boost Your Business

Network Security Spotlight
Wall Street Journal Hacked Again
Hacked again. That’s the story at the Wall Street Journal this week as the newspaper reports that the computer systems housing some of its news graphics were breached. Customers not affected -- yet.
 
Dropbox for Business Beefs Up Security
Dropbox is upping its game for business users. The cloud-based storage and sharing company has rolled out new security, search and other features to boost its appeal for businesses.
 
34 European Banks Hit by Android-Skirting Malware
Criminals have been finding gaping holes in Android-based two-factor authentication systems that banks around the world are using. The result: 34 banks in four European countries have been hit.
 

Enterprise Hardware Spotlight
Microsoft Makes Design Central to Its Future
Over the last four years, Microsoft has doubled the number of designers it employs, putting a priority on fashioning devices that work around people's lives -- and that are attractive and cool.
 
Contrary to Report, Lenovo's Staying in Small Windows Tablets
Device maker Lenovo has clarified a report that indicated it is getting out of the small Windows tablet business -- as in the ThinkPad 8 and the 8-inch Miix 2. But the firm said it is not exiting that market.
 
Seagate Unveils Networked Drives for Small Businesses
Seagate is out with five new networked attached storage products aimed at small businesses. The drives are for companies with up to 50 workers, and range in capacity from two to 20 terabytes.
 

Navigation
Sci-Tech Today
Home/Top News | Computing | Digital Life | Discovery | Space | Innovation | Health | Science News
Environment
NewsFactor Network Enterprise I.T. Sites
NewsFactor Technology News | Enterprise Security Today | CRM Daily

NewsFactor Business and Innovation Sites
Sci-Tech Today | NewsFactor Business Report

NewsFactor Services
FreeNewsFeed | Free Newsletters

About NewsFactor Network | How To Contact Us | Article Reprints | Careers @ NewsFactor | Services for PR Pros | Top Tech Wire | How To Advertise

Privacy Policy | Terms of Service
© Copyright 2000-2014 NewsFactor Network. All rights reserved. Article rating technology by Blogowogo. Member of Accuserve Ad Network.