Cisco to pay fine for selling hackable technology
by Akandu Ukoha
The tech giant, Cisco, have agreed to pay a $8.6 million fine for selling video surveillance software that was vulnerable to hackers. These equipment were provided to hospitals, airports, government agencies and schools. According to the settlement, Cisco had known about this vulnerability for 4 years, made no attempt to fix the issue and continued to sell the software to clients. The vulnerability allowed hackers to spy on video footage, turn the camera on and off, delete footage and much more. Hackers could also compromise other connected physical security systems such as alarm or locks. The worrying issue concerning this security weakness is that it was easy to find and exploit.
In a statement, Cisco said there was no evidence that the bug was exploited. “We are pleased to have resolved” the dispute, a Cisco spokesman said. “There was no allegation or evidence that any unauthorized access to customers’ video occurred as a result of the architecture.” The government however noted that any hacking attempts would probably have left little to no evidence. However, “As far as we know no major breaches resulted from this. But it was left unaddressed for [four] years.”
This is the first time that a company has paid a fine for cyber security lapses under the federal whistle blower law. The settlement also comes as the federal government is doing a top-to-bottom review of its multibillion-dollar contracting efforts, which officials have said were never designed to deal with cybersecurity. The concern is that the government may be inadvertently greenlighting a slew of hackable products for purchase by federal agencies — many of which are then also bought by states and government grant recipients such as schools and hospitals.
Marks, J. (2019, July 31). Cisco to pay $8.6 million fine for selling government hackable surveillance technology. Retrieved from https://www.washingtonpost.com/politics/2019/07/31/cisco-pay-million-fine-selling-government-hackable-surveillance-technology/?utm_term=.0fe60d144dff
June 6, 2019
August 2, 2018
August 4, 2019