December 21, 2015//Tori TaylorLast Updated: February 22, 2022
Juniper works to patch vulnerabilities
Juniper Networks, a computer network company, disclosed late last week that they suffered a major data breach. The attack may have compromised the encrypted communications of many of their enterprise customers, including the U.S. government.
Juniper Networks officials confirmed that hackers installed a “back door” on their computer equipment to gain access to the private communications of their customers. The company reports that “unauthorized code” was inserted in ScreenOS software that “could allow a knowledgeable attacker to gain administrative access.” USA Today reports, “The rogue code could potentially compromise the whole system and decrypt VPN devices, without leaving a trace of the party behind the breach.”
In a statement released by Juniper Networks spokeswoman, the company describes their efforts to mitigate customer exposure – “Once we identified these vulnerabilities, we launched an investigation and worked to develop and issue patched releases for the impacted devices. We also reached out to affected customers, strongly recommending that they update their systems.”
CNN reports that U.S. officials launched an investigation to both understand the Juniper vulnerability and identify the culprits responsible. It’s clear why government agencies may want to take a central role in the investigation. According to CNN, encrypted communications of the U.S. government could have been compromised for the last three years because of the Juniper data breach. FCW reports, “The Department of Defense is among Juniper Networks’ big federal customers; dozens of Juniper products are on the Defense Information Systems Agency’s Unified Capabilities Approved Product List.” Also, the FBI believes a foreign government committed the breach and categorizing the attack as “sophisticated.”
This is not the first time a foreign agency was presented at the prime suspect in a massive breach. When the Office of Personnel Management was attacked, federal officials suspected China-based hackers were to blame for compromising more than 21 million people’ personal records. And hackers from the Republic of North Korea were cited as the cause of Sony Pictures’ major breach in late 2014, which exposed 38 million files to the public.