Pierluigi Paganini January 18, 2012

Do you remember the case of Symantec and the theft of the source code of some of its products by an Indian group of hackers called the lord of Dharmaraja? On that occasion it was declared by Symantec officials that the source code of its products had been stolen in a successful attack to the network of the Indian Military who guarded the code thanks to an agreement with the manufacturer of security systems.

The immediate reply of Symantec pointed on some main information:

• The source code stolen was dated on 2006.
• The code disclosure has no impact on current software version.
• The internal Symantec network was not accessed by hackers that have penetrated in the military systems.

The news of the day is the admission that the company’s internal network was compromised. The news as you can imagine raises disturbing questions, first of all the veracity of the statements made in the aftermath of the accident.
The company described completely different scenario, so why would wait this period
before this heavy admission?
The announced release of stolen software could reveal other inconvenient truths that have forced the company to make outing?

Particularly disturbing is the announcement of the ist of affected products. Initially, Symantec spokesman, Cris Paden, said the hackers have stolen only the source code of Symantec Endpoint Protection 11.0 and Symantec AntiVirus 10.2, minimizing the seriousness of the breach.
The situation is now changed again because the same Paden today admits that source code of Norton Antivirus Corporate Edition, Norton Internet Security, Norton Utilities, Norton GoBack and pcAnywhere, had been stolen and some of this products are today available on the market, this means that there could be an impact on the customers.
Product like the famous antivitus and the Symantec pcAnywhere, the world’s leading remote access software solution, have been exposed according the ads of the hacker “Yama Tough” member of a gang calling itself “Lords of Dharmaraja”.

“Symantec is currently in the process of reaching out to our pcAnywhere customers to make them aware of the situation and to provide remediation steps to maintain the protection of their devices and information,” Paden said.

Symantec admits that the source code have been stolen in 2006 unnoticed hack attack, exactly six years ago.

But the consumer has to wonder how he handled the situation and why it was made public only today. What were the real impact on the safety of products sold in these years.
At a time notorious for the increase in cyber attacks on government and private companies is questionable in whose hands is really finished the source code and for which purpose have been used.

Last week, the hackers released the code to a 2006 version of Norton Utilities and have said they planned to release code to its antivirus software on Tuesday. It was not clear why the source code was being released six years after the theft.

Source code are full of surprises and rich of useful info included comments of the developers that share info on the design of their software.
I assume that the situation can still surprises us, I can only hope that an unseemly silence will not cover inconvenient truth in the name of money.

Pierluigi Paganini

References

http://www.reuters.com/article/2012/01/17/us-symantec-hackers-idUSTRE80G1DX20120117