Probe Begins in Cisco Flaw Case

A debate over free-speech rights and security of the Internet intensified Friday as authorities opened a criminal investigation of a researcher whom many technology professionals are calling a hero.

The FBI is looking into accusations that researcher Michael Lynn stole trade secrets or broke other laws in publicizing his findings about security flaws in routers made by Cisco Systems Inc. that direct much of the world’s Internet traffic, according to three people familiar with the probe. None agreed to be identified by name, citing the confidentiality of the investigation.

Lynn’s attorney, Jennifer Granick, said her client hadn’t been arrested or indicted, but declined to elaborate. “Neither he nor I can comment until this is over,” Granick said.

Cisco spokeswoman Mojgan Khalili also declined to comment on the investigation but said, “We are going to take every reasonable measure to protect our customers and the integrity of the Internet.”

FBI spokesman Paul Bresson said he was familiar with Lynn’s situation but couldn’t discuss it.

“I recognize what is alleged to have taken place,” Bresson said. “We in the FBI take any claims of any kind of unauthorized access, or theft of any trade secrets ... very seriously.”

The news came a day after Cisco won a legal battle to prevent Lynn from distributing results of his work as an employee of the Atlanta consulting company Internet Security Systems Inc. studying security weaknesses in Cisco routers. The vulnerabilities, although previously known, were more serious than generally recognized and could allow hackers to seriously disrupt Internet traffic, he had concluded.

After his employer ordered him not to deliver a planned presentation about the problem at a Las Vegas Internet security conference this week, Lynn resigned and gave the talk anyway. Cisco and Internet Security Systems promptly sued, alleging theft of trade secrets and copyright violations.

In a tentative settlement reached with Cisco and his former employer Thursday -- approved by a judge a day later -- Lynn agreed to turn over his research and help track down any versions he’d distributed.

By early Friday, however, copies of the slides Lynn used in his demonstration were posted in multiple places on the Internet. Some who had posted copies, including security consultant Richard Forno, said they were later warned that they were subject to legal action if they didn’t remove the information.

“Lynn is a martyr,” said Forno, who said he was waiting for more information before complying with the request.

Forno and others said Cisco had drawn far more attention to the flaws by trying to quash Lynn’s presentation than it would have by ignoring it. Internet discussions among experts raged for hours Friday under such headings as “Exploit Cover Up.”

Word of the FBI inquiry came even as a federal agency that monitors cyberspace security, the U.S. Computer Emergency Readiness Team lab, “strongly recommended” Friday that companies use software updates to fix the router security problem.