Negotiating with Anonymous: Symantec talks collapse, source code released
Security software company Symantec tried to negotiate this week with the hacker group Anonymous to prevent the release of source code stolen in 2006. But the talks failed, and now Anonymous has published both the code and the email trail detailing negotiations.
Looks like the hackers win this round.
On Tuesday afternoon, the "hacktivist" network Anonymous published the source code to security software vendor Symantec's pcAnywhere program on torrent sites, apparently after negotiations to the tune of $50,000 fell through. Anonymous posted emails earlier this week detailing the negotiations, which took place between "Yamatough," an online personality representing an Anonymous-affiliated group, and either a Symantec employee or a law enforcement sting operation (it depends on who you ask).
According to the emails, Symantec offered Yamatough $50,000 in exchange for the destruction of the source code and a public statement saying that Symantec hadn't been hacked in the first place. Negotiations broke down when Yamatough demanded the money be sent through Liberty Reserve, an offshore account, and accused Symantec of cooperating with the FBI. Symantec asked for more time to negotiate and asked to send the money in small chunks, but the email exchange broke off after Yamatough gave the company ten minutes to "decide which way you go."
The alleged hack happened way back in 2006, but the issue didn't surface until last month. When Anonymous threatened to release the code in late January, Symantec initially asked users to stop using pcAnywhere, fearing that known vulnerabilities might be exploited. A few days later, it released patches for affected versions that plugged the security holes.
At the same time, however, Symantec was apparently negotiating with the hackers to prevent the public release of the code. And now that negotiations have broken down, "pcAnywhere" is out in the wild, accompanied by the logo of the Anonymous subgroup "AntiSec." The group also threatened to publish the source code to several Norton antivirus programs, although that hasn't happened yet.
What's to be done? Well, it doesn't look like users are at much risk. Symantec has already released patches for pcAnywhere to protect against the vulnerabilities in the leaked code, and it says the Norton code is too old to be used for cyber attacks. But the hack certainly leaves Symantec with a public relations mess on its hands. Cris Paden, the company's Senior Manager for Corporate Communications, commented that Symantec contacted law enforcement as soon as the "attempted extortion and apparent theft of intellectual property" came to light.
Readers, are you battening down your security hatches? What do you think the fallout for Symantec will be from this incident? Let us know in the comments.