Revisiting the Nicira Break-In

While doing research on my last post, I spent some time on Martin Casado’s thought-provoking blog, Network Heresy. He doesn’t generate posts prolifically — he’s preoccupied with other matters, including his job as chief technology officer at Nicira Networks — but his commentaries typically are detailed, illuminating, intelligent, and invariably honest.

One of his relatively recent posts, Origins and Evolution of OpenFlow/SDN, features a video of his keynote at the Open Networking Summit, where, as the title of the blog post advertises, he explained how SDNs and OpenFlow have advanced. His salient point is that it’s the community,  not the technology, that makes the SDN movement so meaningful.  The technology, he believes, will progress as it should, but the key to SDN’s success will be the capacity of the varied community of interests to cohere and thrive. It’s a valid point.

Serious Work

That said, that’s not the only thing that caught my interest in the keynote video. Early in that presentation, speaking about how he and others got involved with SDNs and OpenFlow, he talks about his professional past. I quote directly:

“Back in 2002-2003, post-9/11, I used to work for the feds. I worked in the intelligence sector. The team I worked with, we were responsible for auditing and securing some of the most sensitive networks in the United States. This is pretty serious stuff. Literally, if these guys got broken into, people died . . . We took our jobs pretty seriously.”

It doesn’t surprise me that OpenFlow-enabled SDNs might have had at least some of their roots in the intelligence world. Many technologies have been conceived and cultivated in the shadowy realms of defense and intelligence agencies. The Internet itself grew from the Advanced Research Projects Agency Network (ARPANET),  which was funded by the Defense Advanced Research Projects Agency (DARPA) of the United States Department of Defense.

Old-School Break-In

When I heard those words, however, I was reminded of the armed break-in that Nicira suffered last spring, first reported in a Newsweek cover story on the so-called “Code War” and cyber-espionage published in July.  What was striking about the breach at Nicira, both in and of itself and within the context of the Newsweek article, is that it was a physical, old-school break-in, not a cyber attack. An armed burglar wearing a ski mask broke into Nicira Networks and made his way purposefully to the desk of “one of the company’s top engineers.” The perpetrator then grabbed a computer, apparently containing source code, and took flight.

Palo Alto constabulary portrayed the crime as a bog-standard smash and grab, but “people close to the company” and national-intelligence investigators suspect it was a professional job executed by someone with ties to Russia or China. The objective, as one might guess, was to purloin intellectual property.

The involvement of national-intelligence investigators in the case served as a red flag signaling that the crime was not committed by a crank-addled junkie hoping to sell a stolen computer. There’s a bigger story, and Newsweek touched on it before heading off in a different direction to explore cyber espionage, hack attacks, and the code-warrior industry.

Nicira’s Stealth Mode

Last month, the New York Times mentioned the Nicira break-in during the course of an article titled “What Is Nicira Up To?”.

Indeed, that is a fair question to ask. There still isn’t much meat on the bones of Nicira’s website, though we know the company is developing a network-virtualization platform that decouples network services from the underlying hardware, “like a server hypervisor separates physical servers from virtual machines.”

It’s essentially software-defined networking (SDN), with OpenFlow in the mix, though Nicira refrained assiduously from using those words in its marketing messages. On the other hand, as we’ve already seen, CTO Martin Casado isn’t shy about invoking the SDN acronym, or providing learned expositions on its underlying technologies, when addressing technical audiences.

Mystery Remains 

Let’s return to the break-in, however, because the New York Times provided some additional information. We learn that a significant amount of Nicira’s intellectual property was on the purloined computer, though CEO Steven Mullaney said it was “very early stuff, nothing like what we’ve got now.”

Still, the supposition remained that the thief was an agent of a foreign government. We also learned more about Casado’s professional background and about the genesis of the technology that eventually would be developed further and commercialized at Nicira.  Casado’s government work took place at Lawrence Livermore National Laboratory, where he was asked by U.S. intelligence agencies to design a global network that would dynamically change its levels of security and authorization.

We might never discover who broke into Nicira last May. As the Newsweek story recounted, government investigators have advised those familiar with the incident not to discuss it. Questions remain, but the mystery is likely to remain unsolved, at least publicly.

One response to “Revisiting the Nicira Break-In

  1. Great write up. It seems as Martin Casado’s background is def influencing Nicira’s hush hush philosophy…and it’s also a good marketing strategy by the way! Just like Apple.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s