Image via Wikipedia
I detailed the attack by hackers on Symantec, the maker of popular Norton Antivirus software in my article, "Lords Of Kings Hack Norton Antivirus, Are You Safe?"
Subsequently, Symantec’s take on the hacking was detailed in "Symantec Says Norton Is Safe After Lords of Kings Attack."
Symantec had stated that the stolen code was 10 years old and did not include the code for its flagship product Norton Antivirus for consumers.
Now Symantec is backtracking. In an email to The Arora Report, Symantec admits,
“Upon investigation of the claims made by Anonymous regarding source code disclosure, Symantec believes that the disclosure was the result of a theft of source code that occurred in 2006. We believe that source code for the 2006-era versions of the following products was exposed: Norton Antivirus Corporate Edition; Norton Internet Security; Norton SystemWorks (Norton Utilities and Norton GoBack); and pcAnywhere. Due to the age of the exposed source code, except as specifically noted below, Symantec customers – including those running Norton products -- should not be in any increased danger of cyber attacks resulting from this incident.
Customers of Symantec’s pcAnywhere product may face a slightly increased security risk as a result of this exposure if they do not follow general best practices. Symantec is currently in the process of reaching out to our pcAnywhere customers to make them aware of the situation and to provide remediation steps to maintain the protection of their devices and information. Since 2006, Symantec has instituted a number of policies and procedures to prevent a similar incident from occurring.”
Symantec continues to claim customers are safe.
“They (hackers) can try, but the attack itself will look like it’s from 2006. If customers are using updated versions of their current software – whether it is consumer or enterprise software -- they’ll be protected. They don’t need to upgrade or change software. Just make sure it’s updated, which it will be particularly if the auto-update function is turned on.”
Lords of Dharamraj, the hacker group, seems to have quite a bit up their sleeves. Here are the recent tweets from YamaTough, their spokesperson,
YamaToughLoD
"We've decided not to release code to the public until we get full of it =) 1st we'll own evrthn we can by 0din' the sym code & pour mayhem."
Symantec’s main competitor, McAfee, is now owned by Intel (INTC). As a result of this incident smaller firms such as (CHKP), (FTNT), and (FIRE) may benefit. Larger firms such as (MSFT),(HPQ), (CSCO), (JNPR), (IBM) and (CA) may also benefit.
Vigilance is needed until more is known. Please stay tuned to Forbes.
About Me: I am an engineer and nuclear physicist by background and have founded two Inc. 500 fastest growing companies. I am the chief investment officer at The Arora Report which publishes four newsletters to help investors profit from change. Please feel free to write me at Nigam@TheAroraReport.com.
Full disclosure: I, my hedge fund, and subscribers to ZYX Buy Change Alert have positions in Hewlett-Packard (HPQ), Intel (INTC) and Cisco (CSCO).
