It’s a true story: Anonymous & AntiSec hacking groups published Symantec’s pcAnywhere’s source code online for all to see. The pcAnywhere program is used to access computers remotely. A hacker named YamaTough emailed the company in an attempt to extort $50,000 in exchange for keeping a major security flaw a secret. According to reports, YamaTough entered Symantec’s network and grabbed pcAnywhere and Norton Antivirus source code and discovered backdoors that allowed governments to spy on individuals and companies.
Symantec’s response was to contact the FBI in hopes they could save the day. In the final email exchange, YamaTough gave them 10 minutes to respond or threatened publishing the code. How did it turn out? Well so far, he’s published 1.27GB of code on Pirate Bay. How did hackers get the code? Apparently it was stolen by a network break-in back in 2006, which explains why it’s for 2006 products. Stolen source code is extremely dangerous because it outlines exactly how the software was built… making it easy to hunt for flaws.
So you’re probably wondering, am I at risk now? Here’s the good news (hopefully). Only if you’re a customer who’s using an older version and who didn’t apply the security patches. I hope you’re all breathing a big sigh of relief here. If that’s not you (yikes), customers should ensure they gave version 12.5 installed and apply those patches right away.
I don’t know about you, but I rely on IT security vendors to keep me and my intellectual property safe. And there are a few parts of this story that raise some serious questions for me. Firstly, why did Symantec keep the network breach a secret since 2006? Weren’t they concerned about the security risk for their customers for the past 6 years? Or are they just learning about the data breach now? In which case why did it take so long to discover a break-in of this magnitude? With any luck we’ll get some more answers as the story unravels.