[ISN] Cisco Saves The World -- On TV
isn at c4i.org
Wed May 18 03:11:24 EDT 2005
[After you read this article, fans of "24" might get a kick out of
this: http://www.salon.com/ent/feature/2005/05/16/24/index_np.html - WK]
By Fredric Paul
May 17, 2005
Did anyone happen to see the TV show "24" last week? You know, it's
the Monday-night Fox series where counter-terrorist Jack Bauer, played
by Kiefer Sutherland, spends a desperate day trying to save America
from various forms of annihilation. Well, I've been Tivo-ing the
series since it started four years ago, and it's had its share of
jump-the-shark  moments.
But I fell out of my Lay-Z-Boy last Monday night when a nuclear
terrorist's attempt to penetrate the show's Counter Terrorist Unit's
computer network was foiled by a new security system said to have been
just installed the previous night.
It wasn't just any security system, you see, it was a CISCO security
system. You can see the clip on Cisco's Web site , (QuickTime
required) and here's a rough transcript of the conversation between
Chloe, the show's cranky computer expert, and Buchanan, the suit in
charge of CTU:
Chloe: How did this happen? Mr. Buchanan, the network security monitor
lit up. Someone on the outside is trying to jam our satellite servers.
Buchanan: Could this just be high network load?
Chloe: No, it's definitely a denial of service attempt. What do you
want me to do?
Buchanan: Did it do any damage yet?
Chloe: No, the Cisco system is self defending.
Buchanan: Alright, have one of your people use the security auditor
tool. Maybe it'll give us Marwan's network. [Note: Marwan is a
terrorist attempting to blow up a stolen nuclear bomb.]
Chloe: That was my point from the start.
Buchanan: Chloe, we're in active code. We don't have time for your
personality disorder. [Note: Lines like this are why I still love the
show despite its numerous missteps.] You understand me? Chloe! Yes or
Chloe: Yes, sir.
During this conversation the words "Cisco Security Response System"
appear on Chloe's computer screen, and the Cisco logo looms on large
wall monitors in CTU's headquarters. After the exchange demonstrates
the impregnability of the system, as far as I could tell the whole
computer attack plot line is dropped as quickly as it was mentioned,
mattering not a whit to the overall plot of the show.
Discussion of this remarkably blatant incident is rife on the
blogosphere , and I can see why.
I was so stunned I contacted Cisco about it. A Cisco representative
acknowledged it as "a cool placement," but said the VP of corporate
marketing chose "not to disclose lots of details around our product
placements for competitive reasons." He also declined to mention that
Cisco posted the clip on its site; I found that URL via the
He did add, though, that "Cisco has provided network technology
solutions to the 24 production team for the past four years, since its
inception. We believe this is an innovative way to generate awareness
of our product solutions while enhancing content of the show."
Well, most people don't seem to see it as enhancement of the show, but
my annoyance with product placements is not the point. (For instance,
a Cisco IP communications placement  on "24" didn't bother me
hardly at all, nor did the Alienware laptops used by the bad guys.)
Instead, I saw this placement as a reason to start worrying about the
real state of homeland computer security, and about the false
confidence we have concerning the issue.
Do we really trust our homeland security to Cisco--or to any company
for that matter? I mean, while the "Cisco Security Response System"
works perfectly on TV, in real life Cisco--like most other
companies--has had numerous security lapses. The company recently
acknowledged that its routers, switches, and other products are
vulnerable to denial-of-service attacks and that its IOS (Internetwork
Operating System) may contain vulnerabilities that could permit an
unauthorized user to complete authentication and access network
resources and have other issues.
Furthermore, Cisco's own source code was stolen last year, and the
alleged perps have only recently been arrested.
Now, I know Cisco takes security seriously. It's a big money-maker for
the company, among other things. But the face it presents on "24" is
that this is a problem already solved. The terrorists slink away,
their hacking plans swiftly foiled--though it doesn't stop their
Is that really an accurate refection of the threat we face? And is it
responsible of Cisco to present it that way?
I'm curious to find out what you think of the product placement, and
the message it sends. Feel free to drop me a line .
Fredric Paul is editor-in-chief of TechWeb.
 fpaul at cmp.com
More information about the ISN