Cisco: The Next Big Security ConcernMarch 8, 2008 – 6:05 PM
Which operating system, embedded in more than 80% of enterprise IT environments, represents one of the fastest-growing hacker targets and potentially the most-devastating information-security vulnerability? Hint: It ain’t Windows. Cisco Systems’ Internetwork Operating System now sits at the center of the information security vortex. Because IOS controls the routers that underpin most business networks as well as the Internet, anyone exploiting its flaws stands to wreak havoc on those networks and maybe even reach into the computer systems and databases connected to them. IOS is a highly sophisticated piece of software, but–as with Microsoft’s Windows–that’s a double-edged proposition. Software complexity can be a hacker’s best friend.
Cisco is working hard to better shield its routers and other network equipment from the risks, but there are reasons to believe Cisco security will become a bigger problem before it gets better. The sheer amount of Cisco equipment installed, the many versions of IOS involved, the difficulties of upgrading that software, and the IOS vulnerabilities already out there or yet to be discovered present a major challenge to network administrators and security professionals.
Just last week, Cisco issued a security advisory for a serious IOS “heap-overflow” vulnerability that could let hackers get control of routers and switches running certain versions of the software. Cisco said it’s not aware of any “active exploitation” of the vulnerability, which will give customers at least short-term comfort. But Cisco notes that successful exploitations of similar vulnerabilities in the past have resulted in denial of service when the exploit caused a router to crash and reload. “In the event of successful remote code execution,” Cisco warns, “device integrity will have been completely compromised.”