STATES CHRONICLE – It has recently been revealed that unauthorized code has been found in Juniper firewalls.
Officials from Juniper have announced the discovery of a piece of code that decrypts information traveling through private networks. Unfortunately, they do not know how the code got there or by whom it was introduced, but they do have their suspicions. Neither do they know how long the code has been in their operating system. They do suspect, however, that the error might date back to 2012.
This piece of code could allow somebody to attain administrative access to NetScreen devices which could permit the decryption of VPN connections. VPNs are connections that allow employees to access their computer at work. They are generally used when employees are travelling and need to access their PC.
If an unauthorized party were to gain access to these VPNs, they could decipher the traffic that most likely contains private information about firms. This is why hackers usually target firewalls, namely, because they retain the most information.
The code also allows a knowledgeable user to introduce other programs into the computers. These programs are not deleted even if the computers are rebooted or the programs upgraded. This way, the U.S. government makes sure that it always has access to computer networks.
As of yet there is no proof that this unauthorized code has been availed of, but then there is no way to ascertain that either. The company does, however, warn users that they should update their systems as soon as possible and apply the critical patches that have been released to remedy the problem.
Who is responsible for this breach? Juniper officials suspect that it might be the National Security Agency, as the clues suggest that the tampering might have been authorized by the state. In addition, Edward Snowden, former NSA employee, released documents showing how NSA agents had intercepted Cisco System products and installed covert devices on them before allowing them to be shipped to the customers.
However, there is no solid proof that points to the NSA beyond any reasonable doubt. Juniper representatives admit that the code might have been smuggled into their software in some other way. More information is expected from the company.
Image source: www.upload.wikipedia.org