In major news in the tech sector on Monday, networking giant Juniper Networks admitted that hackers had somehow slipped dangerous malware into the firm’s ScreenOS, which is used in tens of thousands of networking devices sold by Juniper. The problem with ScreenOS was first made public last Thursday (12/17).
The firm’s post noted that a firewall operating system had been changed to permit unauthorized, secret access using a “hard coded password.” Cybersecurity experts point out that this kind of exploit is a major threat to organizations using Juniper Networks’ compromised equipment. The biggest question, of course, is how the modifications could have been made (very likely years ago) to Juniper’s critical source code without the company finding out until now.
Tech industry analysts praised the fact that Juniper’s CIO (Bob Worrell) shared the bad news almost immediately, which does not always happen among tech firms today. The company provided an update on Sunday, but many questions still remain about what happened and how Juniper (and other tech firms) can make sure it does not happen again.
A spokesperson for Juniper Networks noted on Sunday that she did not have any more information to share at this time.
Details on the spyware found in Juniper Networks OS
Two significant problems were identified in Juniper Networks’ ScreenOS. The most critical was a hard-coded password that could allow anyone with a valid username to log into one of Juniper’s networking devices running ScreenOS via telnet or SSH.
The second exploit permits VPN traffic to be monitored and decrypted. VPNs are encrypted remote connections between computers, typically used by firms to permit secure remote access to their networks.
Other CIOs applaud Juniper’s honesty
“I think Juniper did the right thing here,” commented HD Moore, the chief research officer for security firm Rapid7. “I suspect that this incident will trigger internal security audits across the industry and cause Juniper to drastically change their code review process.”
Alex Stamos, Facebook’s chief security officer, noted that Juniper’s approach of letting customers know about the problem as soon as possible reflects that taken by EMC’s RSA unit. Back in March of 2011, RSA admitted that hackers had stolen key information about its passcode product SecurID.
Stamos said: “I expect they are briefing big customers privately to control the sales damage, a la RSA after their incident.”