Jennifer Granick, the Electronic Freedom Foundation lawyer who represented Lynn in 2005, said that Cisco could bring these trade-secret claims against Muniz, but because the technical community reacted so negatively to the 2005 lawsuit, she believes that this may not happen. "Cisco thinks of itself as really researcher-friendly," she said. "I think they will be very careful before filing legal action."

Still, the rootkit comes at a sensitive time for Cisco. Last week, the New York Times reported that the FBI considers the problem of fake Cisco gear a critical U.S. infrastructure threat.

In late February the FBI culminated a two-year investigation by breaking up a counterfeit Cisco distribution network and seizing an estimated $3.5 million worth of components manufactured in China. According to an FBI presentation on Operation Cisco Raider, fake Cisco routers, switches and cards were sold to the U.S. Navy, the U.S. Marine Corps., the U.S. Air Force, the U.S. Federal Aviation Administration, and even the FBI itself.

The U.S. Department of Defense has expressed concerns that the lack of security in the microelectronics supply chain could threaten the country's defense systems, and the idea that an attacker could sneak a rootkit onto a counterfeit Cisco system has security experts worried.

Cisco routers are typically compromised by hackers who are able to guess their administrative passwords, said Johannes Ullrich, chief research officer with the SANS Institute. But there are few tools around to check these systems for signs of hacking. "How would you find out?" he said. "That's the big problem."