
Wednesday, 23 December 2015

Researchers think that a dangerous 'back door' in software used by the US government was caused by the NSA

Juniper is a hardware manufacturer that makes networking equipment. The internet relies on equipment like this to function.
A backdoor is an intentional hole in a security system that allows someone to get in when they shouldn't be able to. Think of a robber slipping in the backdoor of your house because you never lock it.
Juniper announced that it found a backdoor into its systems that it didn't place there. To continue my analogy above, imagine one day you found a new door into your house that you never knew existed, and that you don't even have a key for.
There is speculation that the NSA was responsible for putting this backdoor into Juniper's system, but nothing concrete yet.

Two "back doors" hidden in security software used by US government agencies and corporations that left them open to attack may have been caused by the NSA, security researchers claim.
Last week, news broke about "unauthorised code" in devices sold by Juniper, which builds firewalls intended to protect the user from attacks and unwanted intrusions. Wired reports that research by Ralf-Philipp Weinmann, founder of the security consultancy Comsecuris, indicates that the NSA may be responsible for this - by introducing code that was exploitable by others.

Matthew Green, a cryptography lecturer at Johns Hopkins University, has come to a similar conclusion. In a blog post also outlining the scale of the vulnerability, he wrote:

To sum up, some hacker or group of hackers noticed an existing backdoor in the Juniper software, which may have been intentional or unintentional -- you be the judge! They then piggybacked on top of it to build a backdoor of their own, something they were able to do because all of the hard work had already been done for them. The end result was a period in which someone -- maybe a foreign government -- was able to decrypt Juniper traffic in the U.S. and around the world.

If correct, the NSA likely introduced this back door in order to give them a way to surreptitiously monitor traffic: It allowed them to decrypt otherwise-encrypted data, for a start. But someone else - we don't yet know who - found it, and took advantage.

Juniper has since released patches addressing the vulnerabilities, and is urging customers to upgrade.

This isn't just some abstract theoretical breach. Often, when there's a hack, or leak, or vulnerability, there's no evidence it was ever exploited by anyone other than the security researcher who found it. But in this case, the code was actively put there by an as-yet unknown hacker - and attackers are now actively probing for unpatched Juniper firewalls to exploit.

Researchers at the SANS Internet Storm Center built a "honeypot," PC World reports - that is, a fake server that pretends to be a real Juniper firewall so they can monitor if anyone is fooled into trying to attack it. Sure enough, they say they are "detecting numerous login attempts against our ssh honeypots using the ScreenOS backdoor password."

The Juniper back door comes at a time of heated debate over the ethics and feasibility of introducing back doors into software. As more and more big tech companies (Apple, Google, Facebook, etc.) incorporate strong encryption into their products, there has been a pushback from law enforcement who want to be able to retain access to data and communications when required.

But, technologists and privacy activists counter, any back door will inevitably be open to abuse by third parties. You can't build a back door that only good guys can use, the saying goes. In Juniper, encryption enthusiasts may have found a very powerful example to prove their point.