by Constantine von Hoffman

Did Someone Launch a DDoS Attack to Protect Symantec Source Code?

Jan 06, 2012 | 2 mins
Cybercrime, Data and Information Security, Data Breach

Would it ever make sense for companies to launch a preemptive strike to protect data?

A site used by hackers to expose source code for two of Symantec’s enterprise security programs has been hit by two denial of service attacks this week.

Pastebin, a text-file sharing service popular with both legitimate and criminal hackers, was taken down on Tuesday and Thursday. The site was used to announce the theft and future publication of source code for two of Symantec’s enterprise security programs: Endpoint Protection 11.0 and Antivirus 10.2. Symantec has confirmed that the code for the two programs – both more than four years old – has been compromised. (The post has since been taken down but can be read in Google cache.)

In a statement the company said, “The code involved is four and five years old. This does not affect Symantec’s Norton products for our consumer customers. Symantec’s own network was not breached, but rather that of a third party entity.” The company has also said it has no indication the disclosure harms the functionality or security of Symantec’s solutions and that it had no evidence of customer information being compromised.

The code wasn’t taken from Symantec but from a third party. The hackers claim that it was “from the Indian Militaty [SIC] Intelligence servers, so far we have discovered within the Indian Spy Programme source codes of a dozen software companies.”

Cris Paden, a spokesman for Symantec, said the company was unaware of the attacks against Pastebin until I asked them about it. He also said, “We would never condone such an attack. We don’t use attacks to protect ourselves or our customers.” I have not been able to reach anyone at the Indian Defense Ministry for comment yet.

Given Pastebin’s status as a favorite resource for groups like Anonymous and Lulzsec, there is no shortage of groups who would have a motive for acting against it. Clearly, this kind of action is something more often associated with security agencies and black-hat hackers. Still, it does raise an interesting question: Is a pre-emptive counter-attack ever a good idea for companies seeking to protect their data?