A cyberattack on Juniper's networking equipment that resulted in spying code being discovered has resulted in many big questions, while the company announced on December 17, Thursday that its firewall operating systems had undergone modifications to permit secret access. However, experts cannot fathom how cyber-criminals got access years ago to sensitive source code without the company discovering it until recently. In addition, the FBI is investigating the security breach, which could have allowed a foreign government to spy on the United States government and private companies during the past three years.
The security experts point out that protecting source code is one of IT companies' top priorities due to its value as intellectual property. Nevertheless, the fact that the company reported its findings has been met with approval.
The company found two big problems with Juniper's NetScreen OS. One was the ability for any attacker to use a hard-coded password and valid username to log into a Juniper Firewall that ran the OS by using Secure Shell (SSH) or telnet, accoding to PC World.
Meanwhile, the second major security vulnerability allowed virtual private network (VPN) traffic to be monitored and also decrypted. VPNs allow secure remote access to companies' systems for employees on the road.
In other news related to the Juniper hack, the FBI is investigating the cyber-attack. The concern among US officials is that complex hackers who breached the company's equipment could access any government agency or private company that used it.
US officials believe a foreign government compromised Juniper's systems, based on the sophisticated methods used, according to CNN. The Department of Homeland Security has also been working with Juniper to boost national cybersecurity.