Symantec Pees Itself, Doesn’t Notice For Six Years

There are things that never cease to amaze me in life, but this is not one of them. Symantec–a storied company which makes decent products for the Enterprise Computer market but isn’t really worth the price for home users–has announced that yeah, they got hacked. Okay, fair enough, right? After all, hacks happen, and nobody’s immune. But get this: they were hacked all the way back in 2006, and only now are realizing that their source code was stolen.

Holy.Freaking.Crap. And it gets worse.

According to the Wired article, Symantec now believes that the source code for their “2006 era” software was stolen. OK, fair enough–but software doesn’t start over from scratch each and every year–the codebase is built and evolved over time, meaning that some portion of that code is still part of today’s products. It’s likely that it’s a fairly large portion of code, to boot, given the breadth of products Symantec offers on a common platform, including consumer and professional level antivirus applications, to say nothing of remote access apps.

This latter area should be of particular concern to IT administrators. Apparently, hackers have not only distributed Symantec’s source code for these products, but have reverse engineered the PC Anywhere product to allow for easy control of remote PC Anywhere servers. That’s bad news any way you slice it, and a superb catalyst for getting your organization the hell off of their products. Luckily, with highly competent alternative services abounding these days, it should be easy to replace PCA with the likes of a Team Viewer or Go To My PC type alternative.

What an embarrassing turn of events for Symantec, and a wake up call for Systems Administrators everywhere to look elsewhere for their antivirus and remote access software needs.

Source: Wired