US Agencies Freak Out Over Juniper Backdoor
Juniper Networks has uncovered some unauthorized code in its firewall operating system, allowing knowledgeable attackers to get in and decrypt VPN traffic.
While the leading suspect still remains the NSA, it's been interesting to watch various US government agencies totally freak out over their own networks now being exposed.
The FBI is investigating the breach, which involved hackers installing a back door on computer equipment, U.S. officials told CNN. Juniper disclosed the issue Thursday along with an emergency security patch that it urged customers to use to update their systems "with the highest priority."
The concern, US officials said, is that sophisticated hackers who compromised the equipment could use their access to get into any company or government agency that used it.
One US official described it as akin to "stealing a master key to get into any government building." And, yes, this equipment is used all throughout the US government:
Juniper sells computer network equipment and routers to big companies and to US government clients such as the Defense Department, Justice Department, FBI and Treasury Department. On its website, the company boasts of providing networks that "US intelligence agencies require."
Its routers and network equipment are widely used by corporations, including for secure communications. Homeland Security officials are now trying to determine how many such systems are in use for US government networks.
And, of course, US officials are insisting that it couldn't possibly be the NSA, but absolutely must be the Russians or the Chinese: The breach is believed to be the work of a foreign government, US officials said, because of the sophistication involved. The US officials said they are certain US spy agencies themselves aren't behind the back door. China and Russia are among the top suspected governments, though officials cautioned the investigation hasn't reached conclusions.
Anything's possible, but the NSA still has to be the leading suspect here, and the insistence that it's the Chinese or the Russians without more proof seems like a pretty clear attempt at keeping attention off the NSA.
And, of course, all of this is happening at the very same time that the very same US government that is now freaking out about this is trying to force every tech company to install just this kind of backdoor. Because, as always, these technically illiterate bureaucrats still seem to think that you can create backdoors that only "good" people can use.
But that's not how technology works.
Indeed, now that it's been revealed that there was a backdoor in this Juniper equipment, it took one security firm all of six hours to figure out the details:
Ronald Prins, founder and CTO of Fox-IT, a Dutch security firm, said the patch released by Juniper provides hints about where the master password backdoor is located in the software. By reverse-engineering the firmware on a Juniper firewall, analysts at his company found the password in just six hours.
“Once you know there is a backdoor there, … the patch Juniper released gives away where to look for the backdoor … which you can use to log into every Juniper device using the Screen OS software,” he told WIRED.
“We are now capable of logging into all vulnerable firewalls in the same way as the actors who installed the backdoor.”
Putting backdoors into technology is a bad idea. Security experts and technologists keep saying this over and over and over and over again, and politicians and law enforcement still don't seem to get it.
And, you can pretty much bet that even though they now have a very real world example of it, in a way that's impacting their own computer systems, they'll continue to ignore it. Instead, watch as they blame the Chinese and the Russians and still pretend that somehow, when they mandate backdoors, those backdoors won't get exploited by those very same Chinese and Russian hackers they're now claiming were crafty enough to slip code directly into Juniper's source code without anyone noticing.
Techdirt: http://bit.ly/1QI6rUt
