Companies are understandably reluctant to discuss their security failures.

But one notable episode shows just how damaging the secret tampering with source code can be.

Before the 2004 Summer Olympics in Athens, an unidentified hacker inserted secret programs into four telephone switching computers operated by the Vodafone Group, the world’s largest cellphone carrier. The programs created a clandestine tapping system that allowed unknown snoops to eavesdrop on cellphone calls and track the location of about 100 prominent Greek citizens, including then-Prime Minister Kostas Karamanlis, military officials, the mayor of Athens, activists and journalists.

The infiltration was uncovered in a government investigation after a Vodafone engineer was found dead in 2005 under suspicious circumstances.

Although the recent round of attacks against Google and other companies appears to have come from China, the threat is not limited to that country, according to computer security researchers. A host of nations, private corporations and even bands of rogue programmers are capable of covertly tunneling into information systems.

“Our conventional military dominance drives our adversaries to cheat, lie and steal,” said James Gosler, a fellow at Sandia National Laboratories and a visiting scientist at the National Security Agency, in a speech last year to Pentagon employees. “The offensive technical capability to play this game is well within the reach of the principal adversaries of the United States. In fact, one could argue that some of our adversaries are better at this game than we are.” Over the years, Chinese attackers have shown the most interest in military and technology-related assets, leaving assaults on financial systems to hackers in Russia and Eastern European countries.

A look at the source code of software at a company like Adobe or Cisco can help attackers find new ways to burrow into products before the companies can fix errors in their software. In addition, the hackers can gain insights into how to insert their own code into the software so that they can have ready access to machines down the road. “One of the U.S. government’s biggest worries is that the attackers will place that source code back into products,” said George Kurtz, the chief technology officer at McAfee.

For example, the widespread appearance of counterfeit Cisco routers, which direct traffic on computer networks, has become a major concern in recent years.

Cisco is required by law to include technology in its networking products that allows investigators to tap the hardware for information. The fear is that a country like China could sell counterfeit routers containing slightly modified software that would allow hackers to dial into the systems. “That could provide the perfect over-the-shoulder view of everything coming out of a network,” Mr. Moss said.

A Cisco spokesman, Terry Alberstein, said that the company had extensively tested counterfeit Cisco routers. “We have not found a single instance of software or hardware that was modified to make them more vulnerable to security threats,” he said.

Alan Paller, director of research at the SANS Institute, a security education organization, said American technology companies had gotten better about protecting their most prized intellectual property by creating more complex systems for viewing and changing source code. Such systems can keep a detailed account of what tweaks have been made to a software product.

But such security can be undermined by employees who open malicious files sent to them in e-mail, said Mr. Kurtz. “One of the greatest vulnerabilities remains the people element,” he added.