Juniper Networks Ditching Alleged NSA Eavesdropping Code

Juniper Networks is still investigating the source of the unauthorized code that left its ScreenOS software platform vulnerable to hacking. The company has issued patches for the vulnerability and has found no further evidence of unauthorized code in ScreenOS, senior vice president and CIO Bob Worrall said in a Friday post on Juniper's Security Incident Response blog.

Some security experts, citing documents revealed by former National Security Agency (NSA) contractor and whistleblower Edward Snowden, have speculated the NSA might have had a hand in the recently discovered Juniper vulnerabilities. Juniper makes routers, switches and other networking products used by Internet service providers to manage online IP and traffic routing.

On December 17, Juniper said that it had discovered the unauthorized code during an internal code review. The code "could allow a knowledgeable attacker to gain administrative access to Juniper's NetScreen devices and to decrypt VPN connections," Worrall said at that time.

Products Will Continue To Be Targets

In his latest update, Worrall said Juniper plans to make further changes to address the security concerns raised by the unauthorized code discovery in ScreenOS. A detailed investigation conducted with the help of "a respected security organization" found no evidence of unauthorized code in another Juniper platform, Junos OS, he said. Worrall added that "it would be much more difficult to insert the same type of unauthorized code in Junos OS."

Worrall said Juniper plans to replace both Dual_EC and ANSI X9.31 in ScreenOS 6.3 with "the same random number generation technology currently employed across our broad portfolio of Junos OS products." The company intends to make those changes with a future release of ScreenOS set for the first half of this year, he added.

"Juniper Networks is keenly aware of the current and evolving threats to national and economic security around the world,"...
