Security giant revises stance that hackers got code from third party
Security giant Symantec has admitted that the recent exposure of source code was in fact a result of its systems being breached, countering earlier claims that the code was stolen from a third party.
Earlier this month the company claimed that source code relating to "two older enterprise products" was stolen when hackers accessed a server belonging to the Indian military. At the time Symantec stressed that its own networks had not been breached.
Now however it has backtracked on those claims and admitted its network was hacked back in 2006. This follows claims from the Anonymous hacking collective that it had Symantec source code and would release it on the web. So far that has not happened.
"Symantec can confirm that a segment of its source code has been accessed," the company said in a statement. "Upon investigation of the claims made by Anonymous regarding source code disclosure, Symantec believes that the disclosure was the result of a theft of source code that occurred in 2006."
Since then, Symantec added, it has updated its systems and policies to guard against any future hack attacks.
The statement also went into details about the source code that was stolen.
"Our investigation continues to indicate that the theft is limited to only the code for the 2006 versions of Norton Antivirus Corporate Edition; Norton Internet Security; Norton SystemWorks (Norton Utilities and Norton GoBack); and pcAnywhere 12.0, 12.1 and 12.5," it said. "Symantec Endpoint Protection (SEP) 11.0 and Symantec AntiVirus 10.2 inherited a very small amount of exposed code."
"The code that has been exposed is so old that current out-of the-box security settings will suffice against any possible threats that might materialise as a result of this incident," Symantec added.
Customers running the affected Norton products and Symantec Endpoint Protection 11 and AntiVirus 10.2 are not in any danger if they are running the latest security updates and settings. However users of pcAnywhere are in danger, Symantec warned.
"Customers of Symantec’s pcAnywhere product may face a slightly increased security risk as a result of this exposure if they do not follow general best practices," a statement said. "Symantec is currently in the process of reaching out to our pcAnywhere customers to make them aware of the situation and to provide remediation steps to maintain the protection of their devices and information."
Those Symantec customers running pcAnywhere should ensure they are following best practices related to security, endpoint security, network perimeter security and secure remote access.