USA officials are investigating a recent breach of Juniper Networks software over concerns the “backdoor entry” allowed a foreign government to tap into communications of the US government, news reports said. Quotes attributed to the official suggest that the White House National Security Council is also investigating into the matter, due to Juniper’s interesting admission that some rogue code was inserted into the networking gear maker’s software.
Advertisement
Juniper, a USA government subcontractor has sent out an emergency patch to all their customers “with the highest priority”.
So far no major suspects are identified but officials are certain that it can not be done by a group from U.S looking at the sophistication of the attack.
Juniper’s disclosure has prompted an investigation by the FBI into whether non-U.S. governments were seeking to access the encrypted communication of USA government employees, reported CNN.
It’s not yet clear what if any classified information could be affected, but USA officials said the Juniper Networks equipment is so widely used that it may take some time to determine what damage was done.
In its notification of the breach via a security advisory, Juniper said that the “unauthorized” code can enable hackers to – without leaving any trace of their identity – compromise the whole system and decrypt VPN devices.
According to Juniper, the hackers wrote “unauthorized code” that could allow a “knowledgeable attacker to gain administrative access”, meaning a spy could monitor encrypted traffic and communications.
Juniper has remained in close contact with the U.S. Department of Homeland Security.
“A skilled attacker would likely remove these entries from the local log file, thus effectively eliminating any reliable signature that the device had been compromised”, it said in security update.
Juniper confirmed the breach on Thursday, saying that it discovered two security exploits that could potentially affect products or platforms running on the firm’s ScreenOS platform.
Advertisement
So, now for the investigators and experts, an uphill task remains; that is to study source code comprising of millions of lines because it has been three years since the code was altered and Juniper found it just recently.
