
The long term effects of Symantec's Code Leak



This is a brief overview of the Symantec source code leak, what it means to users, and what organizations should do about it.

Published in: Technology


  1. SYMANTEC CODE RELEASED! SO WHAT?
     What it means to users
     The Lorenzi Group
     (C) 2012 THE LORENZI GROUP LLC
  2. SYMANTEC
     • Largest maker of security software for computers in the world
     • Based in Mountain View, CA USA
     • Sample of Brand Names: Symantec, Norton, Ghost, Veritas, Endpoint
     • Publicly Traded: SYMC
     • F500 and S&P 500
     • Employees: +18,000
     • Revenue: $6B
     • NOTE: Symantec, Norton, Ghost, Veritas, & Endpoint are products and brand names owned by Symantec Corporation.
  3. EVENT
     • A hacker with the screen name “Yama Tough” from the Indian hacking group Lords of Dharmaraja penetrated a 3rd party’s IT security (NOTE: This unconfirmed 3rd party organization held sensitive Symantec documentation) and stole the source code for Symantec’s Endpoint and AntiVirus products.
  4. RESULTS
     • Confidential source code (the core software of the programs) has been released publicly by the hackers and posted online.
     • Symantec claims there will be little effect on users.
     • Experts disagree with Symantec’s assessment that this is a minor event and that it will not affect a significant number of users.
  5. WHY DO EXPERTS DISAGREE WITH SYMANTEC?
     1. The software isn’t as old or out-dated as Symantec makes it appear.
     2. The software is currently being used by many organizations around the world.
     3. Most software today is built to be modular, meaning that pieces are created individually and connected together using code. This is done to create more flexibility and reduce design costs. It is unrealistic to think that some or all of this leaked code is not being used, in some form, in current or future Symantec software.
     4. Even if none of the code is used in current software, the leaked and posted documentation gives hackers and professional criminals insight into the software languages being used by Symantec, the format of the code, the Symantec coding process, and ideas on how Symantec thinks about software security.
  6. HOW DID THIS HAPPEN?
     • Set It and Forget It Security:
       • Symantec and its 3rd party organizations set up AntiVirus, AntiSpyware, and Firewalls and do not actively monitor them.
     • Symantec does not have proper BAAs (Business Associate Agreements) in place.
     • Symantec does not properly audit 3rd parties that hold confidential data.
     • Symantec and its 3rd parties do not proactively monitor their networks and devices for anomalies.
     • It is HIGHLY likely that “Yama Tough” or another member of Lords of Dharmaraja is an employee of Symantec or its 3rd party partner.
     • Set It and Forget It Security is DEAD! Proactive monitoring of networks and devices 24x7, and the use of AV/AS software, Firewalls, and DLP devices, are the only way to protect data today.
  7. WHY YOU SHOULD CARE
     • If you use Symantec software, you are at risk. NOTE: It can be ANY software from Symantec, not just their AntiVirus software.
     • If you have friends, family, peers, or interact with organizations that use Symantec software, you are at risk.
     • Expect to receive an increase in emails, posts, IM requests, and SPAM because of this. Accidentally clicking on any of these may expose your data.
  8. WHAT YOU CAN DO
     • Run all software updates for Operating Systems and Antivirus, AntiSpyware, and Firewall software.
     • Run Software and Firmware updates for Firewalls, DLP, and other security devices.
     • Educate employees on the potential new wave of threats, their risks, and how to avoid them.
     • Begin evaluating AntiVirus software from vendors other than Symantec.
     • Begin proactively monitoring all traffic on network devices, including those of remote and mobile workers.
  9. THE LORENZI GROUP
     • Digital Forensics
     • Data Security
     • Proactive Network & Device monitoring (Lorenzi ANM)
     • Research & Reputation Management
     • 866-632-9880