Guest

Security

Illegal Posting of IOS source code

Update: September 17,2004

As we have previously reported, Cisco continues to cooperate with law enforcement agencies on this matter, and we are encouraged that an arrest has been made. We view the arrest as what will likely be one of many steps in this matter. We will take every measure to protect our intellectual property.

May 20, 2004

Cisco is aware that just prior to the weekend of May 15th, a portion of Cisco's Internetworking Operating System (Cisco IOS) code was illegally copied and subsequently posted on the Internet.

As a matter of policy, Cisco takes information security very seriously and continues to take active measures to protect its proprietary information as well as employee, customer, and partner information. Where appropriate, this includes working with law enforcement agencies.

A full investigation has been launched and Cisco is cooperating with the Federal Bureau of Investigations and other law enforcement agencies on this matter. Questions about the ongoing investigation should be directed to the appropriate contacts at the FBI.

Cisco is providing the following information, based on preliminary findings:

  • Just prior to the weekend of May 15th, a portion of Cisco's Internetworking Operating System (Cisco IOS) code was illegally copied and taken outside of Cisco's internal systems.
  • Code was available on a foreign website for several days. It has subsequently been removed.
  • Cisco believes that the improper publication of this information does not create increased risk to customers' Cisco equipment.
  • It appears this occurrence was not the result of any exploitation of a vulnerability in any product or service offered by Cisco to its customers and partners.
  • Cisco has no reason to believe that this situation was the result of any malicious action initiated by any Cisco employee or contractor.
  • Cisco does not believe any customer information, partner information or financial systems were involved.

Cisco will continue to closely monitor this matter and provide updates as appropriate to this site (www.cisco.com/security/ ).

Consistent with the past, Cisco continues to recommend all customers and partners follow best practices when designing, building, maintaining and optimizing a secure network. Additional resources can be found at www.cisco.com.

Cisco remains dedicated and focused on providing secure, intelligent networking systems to its customers and partners.

Thank you.