Year-Long Challenge Frustrates Hackers and Confirms Sidewinder Firewall and SafeWord Authentication Products are Impenetrable
SAN JOSE, Calif., June 28, 2001 – Secure Computing (NASDAQ: SCUR) today reiterated that its e-Security Challenge will be retired at the close of the Black Hat and DEFCON Conferences in Las Vegas, July 15, 2001. The contest was originally launched almost one year ago at the Black Hat 2000 conference with a $10,000 reward for the first person to crack the e-Security Challenge site. At the RSA Conference in April 2001, the reward was raised to $50,000, and has increased one cent per second until recently, when the maximum award of $100,000 was reached. As yet, no one has claimed the award. To date, 19,812 attacks were waged against the e-Security Challenge Site, which remains un-compromised. Complete contest rules and award information are available at the e-Security Challenge Site at http://www.challenge.securecomputing.com.
The competition focuses on penetrating the e-Security Challenge Site and retrieving a file called “secret” from the site’s internal mail server. Hackers can access the Challenge at http://www.challenge.securecomputing.com. The first person to mail the contents of this file to email@example.com wins $100,000, a coveted Sidewinder leather jacket and “bragging rights” that they are the first person to ever compromise Secure Computing’s award-winning Sidewinder(tm) firewall and SafeWord(tm) access control system.
“It doesn’t surprise me that Sidewinder and SafeWord couldn’t be compromised,” said Jeff Moss, president of Black Hat, Inc. and also known as Dark Tangent in the Hacker Underground. “Hackers around the world have been frustrated by Secure’s e-Security Challenge.”
The e-Security Challenge Site demonstrates that Secure Computing’s products provide the highest level of network security possible, short of not having a network at all. The Challenge Site is the equivalent of an 11-server, e-business extranet in a similar architecture implemented by organizations doing e-business, secured by Secure Computing’s access control products including Sidewinder firewall and VPN gateway and SafeWord access management software.
A demonstration file is accessible from the Internet, but only to the SafeWord-authorized user. This illustrates the capability that most e-businesses need3the accessibility of information to customers, partners and suppliers. A ‘secret’ file is accessible to users on the internal side of the extranet, but is protected by Sidewinder. This represents the files on corporate internal servers that need to be kept private. Most successful attacks are the result of crackers using software tools readily available on the Internet to exploit vulnerabilities associated with applications and operating systems or cracking fixed passwords to gain unauthorized access. Most firewalls can be compromised because they run on commercial operating systems that are open and not designed with security in mind or because their design prevents them from actually filtering out application vulnerabilities in the traffic. Sidewinder with SecureOS, built with Secure’s patented Type Enforcement technology, provides application filtering and an air-gapped, proxy architecture that prevents attackers from getting through. SafeWord, which uses dynamic passwords, provides authorized access to the extranets and intranets for only entitled users and prevents attackers from exploiting fixed password attacks. When used together, Sidewinder and SafeWord enable safe, secure extranet and intranet access, as demonstrated by the success of the e-Security Challenge.
“Time is running out – there’s only a few weeks left for someone to crack our challenge site and claim the $100,000 prize,” said Carr Biggerstaff, senior vice president of marketing, planning, and business development, at Secure Computing. “Secure Computing has once again demonstrated the effectiveness of its security solutions in front of the world’s most dangerous hackers, and maintains its status as the only security company to issue such a challenge and remain un-compromised. With this contest, we’ve shown SafeWord and Sidewinder are the most secure ways to protect information while making it accessible to customers, partners and suppliers. We stand behind our promise to deliver the security solutions that e-businesses need now and in the future.”
About Secure Computing
Headquartered in San Jose, CA, Secure Computing Corporation (NASDAQ: SCUR) is the leading provider of enterprise access control software and services. Secure Computing software products and services control access to applications and networks based on user authentication and authorization to market-leading VPNs, firewalls, Web servers and embedded devices. Secure Computing’s worldwide partners and customer base are counted among the Fortune 50 in financial services, healthcare, telecom, communications, manufacturing, technology and Internet service providers, as well as some of the largest agencies of the United States government. For more information, visit the Secure Computing Web site at www.securecomputing.com.
All trademarks, trade names or service marks used or mentioned herein belong to their respective owners.
This press release contains forward-looking statements relating to the anticipated access to Secure Computing’s e-Security Challenge Site at the Black Hat and DEF CON Conferences in Las Vegas, July 15, 2001. The following are important factors that could cause actual results to differ materially from the forward-looking statement: that the e-Security Challenge Site might not have the intended result, and if it is successful, it will not materially enhance the Company’s performance; and other risk factors detailed from time to time in Secure Computing’s periodic reports and registration statements filed with the Securities and Exchange Commission. In addition, to claim a successful hack, the participant must obey all rules and provide Secure Computing with the steps used to gain access.