The U.S. military has warned that it reserves the right to retaliate with military force if come under cyberattacks and has begun a legal framework to cover offensive operations.
The U.S. military has warned that it reserves the right to retaliate with military force if come under cyberattacks and has begun a legal framework to cover offensive operations. Reuters

Symantec, the owner of Norton Anti-Virus and other security software brands, said someone claiming to be part of Anonymous attempted to extort $50,000 in return for not posting code.

The world's No. 1 security software company said it investigated the incident and called the police, but provided no further details. Shares of Sunnyvale, Calif.-based Symantec rose nine cents to $17.62 on Tuesday.

The announcement came less than a week after VeriSign, the Reston, Va.-based registrar of domain names disclosed it, too, had been attacked and Director of National Intelligence John Clapper warned the U.S. House Permanent Select Committee on Intelligence "cyber intruders continue to explore new means to circumvent defensive measures."

Shares of VeriSign, which closed Tuesday at $36.53, down seven cents, have been mainly unchanged since disclosing its breach.

Given the threat to national and corporate computer systems, one might ask if anything is safe?

"People assume that Symantec and VeriSign and RSA [Security, part of EMC] have excellent security but that's not true," said veteran security information specialist C. Warren Axelrod. "They are subject to the same market forces as anyone."

Indeed, Axelrod said in an interview, even Pentagon agencies don't conduct rigorous testing to ensure military systems are safe.

"Terrorists were able to penetrate the drone system with a $30 piece of software," he recalled. "The Pentagon said it couldn't take precautions." Even companies that spend a lot on security, like Citgroup, are subject to cyberattack.

Axelrod, who has testified on computer security before the U.S. House Committee on Energy and Commerce, has spent most of his career in the sector. In 1999 he chaired two Securities Industry Association committees charged with contingency planning for the year 2000.

In the latest incident, Symantec disclosed it has been negotiating for a month with a group known as Lords of Dharamaja who may have leaked 1.27 gigabytes of source code for Symantec's PCAnywhere software on Monday.

The Lords, part of Anonymous, were negotiating with police, not Symantec, the company said, and posted the code after rebuffing a $50,000 payment.

Axelrod, who was not aware of the incident, suggested it could well be the work of an insider or the result of what he called "a leaky system."

Symantec, the biggest security provider; VeriSign and smaller companies such as RSA Security, don't test their systems rigorously, he said. The result can be painful, as in last May's breach of RSA which cost the banking industry around $100 million, or a similar infiltration of the computer systems at Lockheed Martin, one of the top defense contractors.

Last week, Clapper, the top U.S. official responsible for security, warned of the increased "velocity" of cyberattacks launched by groups such as Anonymous and Lulzsec as well "adversaries" in Russia, China and Iran.

Axelrod, who also writes for the BlogInfoSec.com site - which features a Symantec ad - said the entire technology sector is ripe for hacking. Aside from corporate networks, semiconductor companies whose chips are made at contractor foundries are at risk because they don't check the associated software.

The lack of testing, or even sampling of chips, could mean cyber attackers could lay the foundations for years of disruption, he said.