Two “back doors” hidden in security software used by US government agencies and corporations that left them open to attack may have been caused by the NSA, security researchers claim.
Last week, news broke about “unauthorised code” in devices sold by Juniper, which builds firewalls, intended to protect the user from attacks and unwanted intrusions. Wired reports that security consultancy Comsecuris’ founder Ralf-Phillipp Weinmann’s research indicates that the NSA may be responsible for this — by introducing code that was exploitable by others.
Matthew Green, a cryptography lecturer at John Hopkins University, has come to a similar conclusion. In a blog post also outlining the scale of the vulnerability, he wrote:
To sum up, some hacker or group of hackers attacker noticed an existing backdoor in the Juniper software, which may have been intentional or unintentional — you be the judge! They then piggybacked on top of it to build a backdoor of their own, something they were able to do because all of the hard work had already been done for them. The end result was a period in which someone — maybe a foreign government — was able to decrypt Juniper traffic in the U.S. and around the world.
If correct, the NSA likely introduced this back door in order to give them a way to surreptitiously monitor traffic: It allowed them to decrypt otherwise-encrypted data, for a start. But someone else — we don’t yet know who — found it, and took advantage.
Juniper has since released patches addressing the vulnerabilities, and is urging customers to upgrade.
This isn’t just some abstract theoretical breach. Often, when there’s a hack, or leak, or vulnerability, there’s no evidence it was ever exploited by anyone other than the security researcher who found it. But in this case, the code was actively put there by an as-yet unknown hacker — and attackers are now actively probing for unpatched Juniper firewalls to exploit.
Researchers at the SANS Internet Storm Center built a “honeypot,” PC World reports — that is, a fake server that pretends to be a real Juniper firewall so they can monitor if anyone is fooled into trying to attack it. Sure enough, they say they are “detecting numerous login attempts against our ssh honeypots using the ScreenOS backdoor password.”
The Juniper back door comes at a time of heated debate over the ethics and feasibility of introducing back doors into software. As more and more big tech companies (Apple, Google, Facebook, etc.) incorporate strong encryption into their products, there has been a pushback from law enforcement who want to be able to retain access to data and communications when required.
But, technologists and privacy activists counter, any back door will inevitably be open to abuse by third parties. You can’t build a back door that only good guys can use, the saying goes. In Juniper, encryption enthusiasts may have found a very powerful example to prove their point.
if this juniper backdoor kills cryptowars2.0, it will be the most valuable backdoor in history.
— newshtwit (@newshtwit) December 19, 2015
Business Insider Emails & Alerts
Site highlights each day to your inbox.