CATEGORIES
home IT/Enterprise

FBI Investigates Alarming 2012-Era Backdoor Exploit In Juniper Networks Firewalls

by Rob WilliamsSaturday, December 19, 2015, 01:28 PM EDT

Over the past couple of years, we've discovered case after case that highlights the extent the US government is willing to go to spy on whoever it can. It's an interesting juxtaposition, then, to keep learning about new revelations that show how the US government itself has been spied on, while remaining completely oblivious to it.

This past summer, it was revealed that the U.S. Office of Personnel Management agency was breached, ultimately resulting in the leaking of data on 4 million government employees. Not long after, we learned that China had managed to gain access to US security clearance information - information that's not-classified, but is still quite sensitive.

Compared to a new breach that has been discovered, though, those previous issues might now seem minor.

Juniper Firewalls

The FBI is investigating a breach involving products from Juniper Networks. The company provides both hardware and software solutions that revolve around both networking and security,specifically in the areas of intrusion detection and prevention. Juniper products are renowned enough to be used at the highest-level of US government network environments.

Attackers were able to gain access to Juniper equipment and install a back door, allowing them to fetch encrypted information. If one machine could be breached, then it seems they all could be, and that's the government's current concern. One US official has said that this is akin to, "stealing a master key to get into any government building".

Juniper has since released a patch to solve the issue, and has recommended anyone managing its products to update with the highest priority.

US officials don't believe that this was the work of US-based spy agencies, but instead are looking at Russia or China. It's important to note, though, that at the moment, there are no official accusations. Juniper also mentions that it hasn't seen malicious exploitation of these vulnerabilities up to this point. However, the company goes on to mention that anyone skilled would have removed their actions from the system's log file, effectively leaving without a trace.

Given the sensitive data that could have been accessed, this could prove a very interesting series of events to follow.

Tags:  security, Privacy, Government, Enterprise
TOP CONVERSATIONS
Your Next PC Platform?
More Results
KEEP INFORMED
SITE

Home

Reviews

News

Blogs

Full Site

Sitemap

CATEGORIES

PC Components

Systems

Mobile

IT Infrastructure

Leisure

Videos

COMPANY

About

Advertise

News Tips

Contact

Privacy And Terms

HotTech

MORE

Accessibility

Shop

STAY CONNECTED

Twitter

Facebook

YouTube

RSS

As an Amazon and Howl Technologies Associate, HotHardware earns a commission from qualifying purchases made on this site. This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or his associates. All products and trademarks are the property of their respective owners. Reproduction in whole or in part, in any form or medium, without express written permission of Hot Hardware, Inc. is prohibited. All content and graphical elements are Copyright © 1999 - 2024 David Altavilla and Hot Hardware, Inc.
All rights reserved. Privacy and Terms - Accessibility Commitment