*The FBI is investigating the breach, which involved hackers installing a back door on computer equipment, U.S. officials told CNN. Juniper disclosed the issue Thursday along with an emergency security patch that it urged customers to use to update their systems “with the highest priority.”
The concern, U.S. officials said, is that sophisticated hackers who compromised the equipment could use their access to get into any company or government agency that used it.
One U.S. official described it as akin to “stealing a master key to get into any government building.”*
*Juniper sells computer network equipment and routers to big companies and to **U.S. government clients such as the Defense Department, Justice Department, FBI and Treasury Department. On its website, the company boasts of providing networks that “US intelligence agencies require.”
Its routers and network equipment are widely used by corporations, including for secure communications. Homeland Security officials are now trying to determine how many such systems are in use for U.S. government networks.** *
Annnnnddd… the dooezy!
The breach is believed to be the work of a foreign government, U.S. officials said, because of the sophistication involved. The U.S. officials said they are certain U.S. spy agencies themselves aren’t behind the back door. China and Russia are among the top suspected governments, though officials cautioned the investigation hasn’t reached conclusions.
NSA’s backdoor catalog exposed: Targets include Juniper, Cisco, Samsung, Huawei
An internal NSA catalog offers spies backdoors into a wide range of equipment from major computing and security vendors, according to an article published by Germany’s Der Spiegel on Sunday, based on leaked documents.
Targets include firewalls from Juniper Networks, hard drives from Western Digital, Seagate, Maxtor and Samsung, networking gear from Cisco and Huawei, and servers from Dell. According to the piece, there is no evidence that any of the companies knowingly allowed these backdoors — this seems to be a matter of highly sophisticated hacking and cracking.
Well GOLLY GEE. Looks like Juniper found the NSA’s backdoor code that the NSA hacked into Juniper to insert, making their products less safe… and OOPS, geeeeeez, guess they forgot the GOVERNMENT USES THIS EQUIPMENT TO! But seriously, lets blame the Russians and Chinese, because it couldn’t possibly be the NSA, our guys, that hack our OWN DAMN COMPANIES AND INSTALL SECURITY RISK BACK DOORS TO THE DETERMENT OF EVERYBODY!!! #$%#$$#^@^#%@$%#$@#%@$#% :sick::mad::banghead::angry26:
But don’t take my word for it, how about some of our top security researchers instead?
Two “back doors” hidden in security software used by US government agencies and corporations that left them open to attack may have been caused by the NSA, security researchers claim.
Last week, news broke about “unauthorised code” in devices sold by Juniper, which builds firewalls, intended to protect the user from attacks and unwanted intrusions. Wired reports that security consultancy Comsecuris’ founder Ralf-Phillipp Weinmann’s research indicates that the NSA may be responsible for this — by introducing code that was exploitable by others.
Matthew Green, a cryptography lecturer at John Hopkins University, has come to a similar conclusion. In a blog post also outlining the scale of the vulnerability, he wrote:
To sum up, some hacker or group of hackers attacker noticed an existing backdoor in the Juniper software, which may have been intentional or unintentional – you be the judge! They then piggybacked on top of it to build a backdoor of their own, something they were able to do because all of the hard work had already been done for them. The end result was a period in which someone – maybe a foreign government – was able to decrypt Juniper traffic in the U.S. and around the world.
In other words… it looks like somebody, not us, found the NSA backdoor and likely exploited it in order to hack us. GOOD JOB NSA.
In the meantime, the goverment keeps saying we should backdoor or ban encryption… because obviously the government knows what the hell it’s doing with technology… AM I RITE?