Skip to main content
BBC NEWS / TECHNOLOGY
Graphics VersionBBC Sport Home
News Front Page | Africa | Americas | Asia-Pacific | Europe | Middle East | South Asia | UK | Business | Health | Science & Environment | Technology | Entertainment | Also in the news | Have Your Say |
Thursday, 25 January 2007, 12:51 GMT

Net 'backbone' has security patch

Mouse and keyboard, Eyewire The firm that makes hardware for much of the backbone of the internet has released three patches for security holes in its products.

Cisco has issued the fixes to internet service providers who are expected to roll out repairs in the coming days.

But there is concern that malicious hackers could exploit the flaws in the routers before the problems are fixed.

At least one of the holes could lead to e-mail and internet access issues, according to security experts.

Mikko Hypponen, chief research officer with F-Secure, said: "There's not much consumers can do themselves; these patches affect only the internet infrastructure itself, the routers which companies are using to pass on net traffic.

"Some sites and services might be down."

"There will always be new vulnerabilities. The internet will never be 100% safe"
Mikko Hypponen, chief research officer, with F-Secure

However, Cisco has said it is not aware of "any current exploitation of these vulnerabilities".

In a statement the company said: "Cisco is aware of multiple vulnerabilities that may impact Cisco IOS and IOS XR devices and has published three separate security advisories about them.

"In all cases, Cisco has made free software available to address the vulnerabilities for affected customers."

Malicious

One of the holes could see a malicious hacker take control of a Cisco router and install software of their choosing.

"Any flaws in Cisco routers that are in widespread use is very concerning as these are the basic building blocks of the internet," said Mr Hypponen.

Cables

But he said the types of attacks would be limited because there was little financial motive.

"If you look at the different attack scenarios and who would use those vulnerabilities, it's not that obvious who would exploit these holes - you can attack certain operators or companies and crash their public services such as e-mail and web sites.

"I guess we will be seeing attacks from hobbyist hackers."

Mr Hypponen said he did not expect the problem to go on for long.

"Critical companies will patch their routers very quickly."

Mr Hypponen said that the news of the holes and the resulting patch had actually made the net safer, not more vulnerable.

"Although it looks like bad news it is good news too.

"There will always be new vulnerabilities. The internet will never be 100% safe."



E-mail this to a friend
Related to this story:
Hi-tech crime: A glossary (05 Oct 06 |  UK )
Storm chaos prompts virus surge (19 Jan 07 |  Technology )
Tips to help you stay safe online (07 Oct 06 |  Technology )
Spam surge drives net crime spree (26 Dec 06 |  Technology )

RELATED INTERNET LINKS
Internet Storm Center diary
Cisco security advisories
F-Secure
The BBC is not responsible for the content of external internet sites


SEARCH BBC NEWS: 
News Front Page | Africa | Americas | Asia-Pacific | Europe | Middle East | South Asia | UK | Business | Health | Science & Environment | Technology | Entertainment | Also in the news | Have Your Say |

NewsWatch | Notes | Contact us | About BBC News | Profiles | History

^ Back to top | BBC Sport Home | BBC Homepage | Contact us | Help | ©