Cisco to Silence Security Researcher

By | December 28, 2005

A critical security flaw discovered in an operating system that runs the majority of the world’s computer networks would, if exploited, could expose the internet to a crippling attack and allow attackers to bring down critical infrastructures, according to a security research company.

Michael Lynn, a former research analyst at Internet Security Solutions, lost his job after he briefed Black Hat conference attendees about a flaw in the software that powers Internet routers.

Cisco Systems and ISS, has taken a legal action to prevent from Lynn talking about the flaw. According to the companies, Lynn is said to have illegally reverse-engineered Cisco operating system and that he stands to profit from this research.

Major segment of the Internet infrastructures relay heavily on Cisco routers and exploiting the flaw could possibly crash those systems or intercept Internet communication.

Lynn said that the security hole in Cisco operating system was patched in April, and the flowed version is no longer available for download. Yet, Cisco didn’t want the information go public until the release of a new version.

“In large part I had to quit to give this presentation because ISS and Cisco would rather the world be at risk, I guess,” Lynn said. “They had to do what´s right for their shareholders; I understand that. But I figured I needed to do what´s right for the country and for the national critical infrastructure.”

Leave a Reply