Feeds

Hacking contest publicity stunt backfires

Spin paramedics called to scene of security disaster

  • alert
  • submit to reddit

Boost IT visibility and business value

A cunning plan by a security firm to publicise its product by challenging hackers to deface a Web site has backfired.

Argus Systems hoped to promote itself at the Infosecurity exhibition in London this week by running a $50,000 competition inviting hackers to break into a Web server protected by its intrusion protection security product, called PitBull.

The competition was supposed to run throughout the week but a team of computer hackers from a Polish group called Last Stage of Delirium (LSD) broke into the target server last weekend to claim the prize.

Argus said the LSD hack was not an exploit of its software but related to a previously unpublicised kernel level vulnerability, related to Solaris on Intel's x86 architecture.

Details of the vulnerability, which Argus said could affect other x86 operating systems, will be publicised when vendors are notified and a fix is available. Solaris on x86 isn't a commercial system for Argus, so the issue affects none of its PitBull customers.

PitBull is designed to provide operating system level security and is supposedly better at preventing the compromise of Internet-facing systems than other kinds of security technology, such as firewalls.

Spinparamedics from Argus yesterday denied that the hacking challenge was a publicity stunt that backfired causing embarrassment for them, as well as security integrator Integralis and hardware vendor Fujitsu Siemens. Argus is a private-held firm and something of a nobby nobody of networking security that seems to be looking for any publicity it can get (good or bad), but we expect better things from (normally technically excellent) Integralis and Fujitsu Siemens.

A spokeswoman for Argus ("all our technical people are back in the States") said that ultimately it had to rely on operating system vendors to make their technology secure. She then claimed that the success of LSD in hacking a system protected by PitBull vindicated Argus' approach that security must start at the operating system level.

This might be true but the hacking challenge has hardly bolstered PitBull's reputation in the market - and a demo of the product running on any kind of server was strangely absent from the Infosecurity show yesterday... ®

External links

Argus' spin on hacking contest

Gartner critical capabilities for enterprise endpoint backup

More from The Register

next story
Microsoft: We plan to CLEAN UP this here Windows Store town
Paid-for apps that provide free downloads? Really
Snowden on NSA's MonsterMind TERROR: It may trigger cyberwar
Plus: Syria's internet going down? That was a US cock-up
Who needs hackers? 'Password1' opens a third of all biz doors
GPU-powered pen test yields more bad news about defences and passwords
e-Borders fiasco: Brits stung for £224m after US IT giant sues UK govt
Defeat to Raytheon branded 'catastrophic result'
Hear ye, young cyber warriors of the realm: GCHQ wants you
Get involved, get a job and then never discuss work ever again
Chinese hackers spied on investigators of Flight MH370 - report
Classified data on flight's disappearance pinched
Microsoft cries UNINSTALL in the wake of Blue Screens of Death™
Cache crash causes contained choloric calamity
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
7 Elements of Radically Simple OS Migration
Avoid the typical headaches of OS migration during your next project by learning about 7 elements of radically simple OS migration.
BYOD's dark side: Data protection
An endpoint data protection solution that adds value to the user and the organization so it can protect itself from data loss as well as leverage corporate data.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?