The FBI is reportedly investigating a breach of Juniper Networks’ software due to concerns a “back door entry” allowed foreign governments to tap into the US.
On Thursday, California-based Juniper said it had found unauthorised code in its ScreenOS software, which runs the company’s firewalls. The code is said to possibly compromise the entire system and decrypt VPN devices, all without leaving a trace of whomever is behind the breach.
“A skilled attacker would likely remove these entries from the local log file, thus effectively eliminating any reliable signature that the device had been compromised”, Juniper Networks said in a security update.
The company also said it found another security-related issue that would allow attackers monitor Virtual Private Network (VPN) traffic – in other words communication over secure networks – to decrypt that traffic.
Juniper has since released patches for both flaws, and said it had not discovered that the weaknesses were exploited.
The revelation from Juniper Networks led to an investigation by the FBI, who are looking into whether non-US governments were trying to gain access to the encrypted communication of US government employees, reports CNN. And according to Reuters, the Department of Homeland Security is currently working with Juniper in relation to the matter.
SOURCE: USA Today.