Cisco Systems Inc. said yesterday that it is investigating the possible theft of some of the core software code that runs its networking gear, which makes up much of the backbone of the Internet.
A sample of the raw programming was posted online by Russian Web site SecurityLab.ru over the weekend. A spokesman for the FBI said it is working with Cisco to investigate the matter.
"Cisco is aware that some portion of its . . . code, which is proprietary, has been reported on a public Web site," said company spokeswoman Mojgan Khalili yesterday in an e-mail.
The computer code is part of the company's Internetwork Operating System, which runs the Cisco-built hardware that makes the Internet work. The IOS, as it is known, consists of millions of lines of source code, and there are hundreds of versions of it in existence. It was not clear yesterday which version of the software was stolen.
Source code is the raw software that interacts with computer hardware and is of high interest to hackers who could use it to find security weaknesses to exploit.
The apparent theft may or may not result in new security problems. Some of the source code for Microsoft's Windows operating system was published online earlier in this year; though the compromised code in that case has since led to the discovery of at least two previously unknown weaknesses in Microsoft's flagship software, it did not lead to the wave of hacker attacks that some had feared.
Kevin D. Mitnick, a well-known former hacker who now works as a computer security consultant, said this is not the first time he has heard of Cisco programming circulating the underground.
"I've been offered up Cisco source code three times in the last three years," he said, adding that at least two of the three sources seemed credible to him. "Of course, I declined."
Ken Dunham, director of malicious code at iDefense Inc., a Reston-based computer security firm, said that the code theft "could be serious" but that "there are a lot of 'ifs'" to take into account. The missing code may simply not contain any significant vulnerabilities, he said.
Dunham said he has not seen a large amount of traffic related to the stolen Cisco code on hacker sites. Though a few hackers on a few sites have offered the code for sale, he thought many of these were dubious claims -- or "trash talking," as he put it.
"It would almost be better for the code to be out there," he said, "as opposed to the unknown of who might have this, who might be using this and what for."