Juniper Networks has suffered a major breach, leading to suspicions that a group of foreign hackers has been spying on encrypted communications (within the government and private companies) in the U.S. for the last 3 years.
The FBI has already started investigating the breach, in which hackers were discovered to have installed a backdoor in the company's computer equipment.
Juniper, a US government subcontractor, has sent out an emergency patch to all its customers “with the highest priority.”
Most worrying part
Most worrying for officials is that the compromised equipment could allow hackers to spy on any company in the U.S. and any government agency. One of the officials described this as “stealing a master key to get into any government building.”
No major suspect so far
So far no major suspects have been identified, but officials are certain, given the sophistication of the attack, that it could not have been carried out by a group from the U.S. Chinese and Russian groups are again the prime suspects, but it’s too early to reach any conclusion, warned the officials.
Analysis of damages will take time
As for the damage done, experts are still examining the systems, and so far it is difficult to say how much information has been leaked.
Juniper Networks equipment is so widely used in the U.S. that it will take time for investigators to work out the total damage the breach has done.
An official speaking to CNN said:
“We are aware of the vulnerabilities recently announced by Juniper. The Department of Homeland Security has been and remains in close touch with the company. The administration remains committed to enhancing our national cybersecurity by raising our cyber defenses, disrupting adversary activity, and effectively responding to incidents when they occur.”
The fixes and the vulnerability
The fixes Juniper Networks is currently working on are intended to make sure hackers can’t install a backdoor of the kind that allowed them to remotely spy on encrypted communications over VPN connections.
Describing what the hackers did once inside the system, Juniper said they could write “unauthorized code” that could give them administrative access to monitor all the encrypted traffic.
Juniper: one of the major networks in the US
Juniper Networks currently provides service to many leading U.S. companies and government departments such as Defense, Justice and Treasury, as well as the FBI.
Juniper stated in its security alert that it is not aware of any exploitation of the vulnerabilities, but that does not mean none took place: the hackers may have removed all the security log entries relating to the breach.
“Note that a skilled attacker would likely remove these entries from the log file, thus effectively eliminating any reliable signature that the device had been compromised,” the Juniper security alert said. “There is no way to detect that this vulnerability was exploited.”
Uphill task for the investigators and experts
Investigators and experts now face an uphill task: studying source code comprising millions of lines, because the code was altered three years ago and Juniper discovered the change only recently.