by CIO Staff

Juniper Hires Cisco Hacker

Nov 07, 20052 mins

It looks like there is life after Black Hat for Michael Lynn, after all. The former Internet Security Systems Inc. (ISS) researcher has landed a job with networking vendor Juniper Networks Inc. just months after creating an international stir at July’s Black Hat USA conference by disclosing information about security weaknesses in Cisco routers.

On Friday, Juniper spokeswoman Kathy Durr confirmed that Lynn had been hired by her company, but she declined to provide any other details on the matter.

Lynn was forced to quit his job in order to give the presentation and was quickly sued by both ISS and Cisco. That lawsuit was dropped after Lynn agreed not to discuss the contents of his presentation.

The security researcher has said he gave the controversial talk in order to draw attention to a critical issue in the security of the Internet: security vulnerabilities in the software that powers routers.

“I think I did the right thing,” Lynn said after settling the lawsuit. “It was pretty scary, but the real important message was [that] there was a potential or serious problem coming in the future. It wasn’t too late to fix it, but you had to take it seriously.”

He may have achieved that goal. Earlier this week, Cisco patched a second flaw in the Internetwork Operating System that powers its routers, saying it was related to the research Lynn had done.

A Cisco spokesman declined to comment on Lynn’s new job.

By Robert McMillan, IDG News Service