Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.

Have your say and comment below.

Monday, 17 June 2019 08:55

Symantec hid breach of demo system for four months: report

Symantec hid breach of demo system for four months: report Image by ibrahim abed from Pixabay

American cyber security behemoth Symantec suffered a breach of its systems in February but kept quiet about it even though passwords and a list of companies said to be its clients were stolen by an attacker.

The Guardian reported that its staffer, Paul Karp, had seen the list which included a large number of Australian Federal departments. The attacker was the same one who had contacted the newspaper and claimed to have Medicare data for sale on the dark web.

Symantec has played down the incident, telling The Guardian that the system involved was "an isolated self-enclosed demo lab in Australia" not connected to its corporate network.

But don't security companies secure such labs even if they are, as the company put it, "used to demonstrate" security solutions and how they work together? Or are they left open to world+dog?

How many other breaches of this kind have taken place at Symantec and gone unreported? We only know about this incident because Karp got wind of it. Four months have gone by since it occurred, so it looks like Symantec was resorting to an old Microsoft recipe: security through obscurity.

symantec homepage

A screenshot of part of the Symantec homepage.

The company told The Guardian that the incident in question was not reported because it had concluded "no sensitive personal data was hosted in or extracted from this demo lab, nor were Symantec’s corporate network, email accounts, products or solutions compromised".

Whether the files within that system were dummy data or not, the only systems that are left open on the Internet are play servers where the person who sets them up wants them to be breached in order to collect data for a study. Another category of system known as a honeypot is often left with some ports purposely open so that it is attacked, once again for the purpose of study.

Rather than trying to whitewash the incident now, Symantec should have made proper disclosure at the time and said everything that it is now being forced to say.

It is a bad look for a company that claims to have "the strongest cyber defence platform powered by the world’s largest and most dynamic civilian threat intelligence network".


26-27 February 2020 | Hilton Brisbane

Connecting the region’s leading data analytics professionals to drive and inspire your future strategy

Leading the data analytics division has never been easy, but now the challenge is on to remain ahead of the competition and reap the massive rewards as a strategic executive.

Do you want to leverage data governance as an enabler?Are you working at driving AI/ML implementation?

Want to stay abreast of data privacy and AI ethics requirements? Are you working hard to push predictive analytics to the limits?

With so much to keep on top of in such a rapidly changing technology space, collaboration is key to success. You don't need to struggle alone, network and share your struggles as well as your tips for success at CDAO Brisbane.

Discover how your peers have tackled the very same issues you face daily. Network with over 140 of your peers and hear from the leading professionals in your industry. Leverage this community of data and analytics enthusiasts to advance your strategy to the next level.

Download the Agenda to find out more


Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.



Recent Comments