Cisco accused of data theft

[Erica Absetz <eabsetz () opensecurityfoundation org>]

http://www.networkworld.com/news/2013/031313-cisco-multiven-267658.html?hpg1=bn

Network World - Cisco is accused of stealing thousands of proprietary
and copyrighted data files from third-party services nemesis Multiven,
which filed a complaint against the company with law enforcement
authorities in the U.S. and Switzerland.

Multiven, whose CEO Peter Alfred-Adekeye was at the center of a
bizarre orchestrated arrest episode involving Cisco, accuses Cisco of
unauthorized access by Cisco to Multiven's knowledge base,
mysolvr.com, using automated cyber-scraping software. Multiven alleges
Cisco stole thousands of proprietary and copyrighted data from
Multiven's knowledge base on at least four separate occasions between
December 2009 and January 2010.

[ THE ACCUSED: Former Cisco engineer indicted on hacking charges ]

The company says the incursions "put undue load on Multiven's server
resulting in a degraded service for its legitimate users and
customers," and are "clear violations" of the U.S. federal Computer
Fraud and Abuse Act and the Computer Data Access and Fraud Act.

"Multiven's subsequent investigation revealed that the theft involved
over 53,000 'requests' that originated from three Internet Protocol
('IP') addresses assigned to Cisco Systems, Inc., headquartered in San
Jose, California," the company states in a press release.

Alfred-Adekeye even went so far as to accuse Cisco CEO John Chambers
and General Counsel Mark Chandler of orchestrating the infiltration.

"Based on the fact that the source IP addresses of these systematic
and premeditated theft of Multiven's intellectual property by Cisco
Systems originated from Cisco's headquarters in San Jose, California,
it is clear that Cisco CEO John T. Chambers and General Counsel Mark
Chandler or people under their control instigated these thefts,"
Alfred-Adekeye said in the press release.

Cisco says the charges are nonsense.

"This is yet another false accusation from Multiven, and we strongly
reject this claim," a company spokesperson stated in an email
response. "The only access that Cisco has ever had to Multiven content
is through its website, which is readily available to the general
public.

"Further, it's important to note that Multiven's CEO is currently
under federal indictment in the U.S. for behavior -- including
stealing Cisco software in violation of the federal Anti-Hacking
Statute -- similar to their own accusations."

Though claiming it was "severely harmed" by these actions, Multiven is
only seeking an apology from Cisco, and assurances that it will delete
the ill-gotten data and not use any of it in current or future
products and services.

"The data ... could enable Cisco Systems, Inc. to effectively
replicate Multiven's entire knowledge base -- a key component of
Multiven's intellectual property, trade secret and livelihood with a
value in the billions of Dollars," Alfred-Adekeye states in the press
release.

Multiven said it discovered the attacks were from Cisco through
firewall logs. Once the first attack was identified and blocked by
Multiven's cybersecurity team, the firewall continued to log packets
coming from the blocked IP address, the company states. The log files
showed that another two IP addresses assigned to Cisco then began to
attack Multiven's data "with a view to capturing all its proprietary
files," the company claims.

Multiven said it found no evidence that customer or user passwords
were included in the data "stolen" by Cisco.

"Start-ups and young enterprises are key to turning around the current
global economic downturn," Alfred-Adekeye states in the press release.
"However, for them to succeed, the law must protect their intellectual
property from monopolistic organizations that abuse their dominant
positions to stifle competition, innovation and consumer choice for
their selfish gain."

Cisco and Multiven have been suing and countersuing each other for years.

Jim Duffy has been covering technology for over 25 years, 21 at
Network World. He also writes The Cisco Connection blog and can be
reached on Twitter @Jim_Duffy.
_______________________________________________
Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security equips organizations with security intelligence, risk
management services and on-demand security solutions to establish
customized risk-based programs to address information security and
compliance challenges. 

Tenable Network Security (http://www.tenable.com/)
Tenable Network Security provides a suite of solutions which unify real-time
vulnerability, event and compliance monitoring into a single, role-based, interface
for administrators, auditors and risk managers to evaluate, communicate and
report needed information for effective decision making and systems management.