Analecta Cyber Company Blog: Newly discovered hack has U.S. fearing foreign infiltration

2016-01-29

Newly discovered hack has U.S. fearing foreign infiltration

Before 2015 ended, the computer network company Juniper Networks suffered a major breach. It has left U.S. officials concerned that, for the past three years, hackers linked to a foreign government may have been able to spy on encrypted communications with private companies.

Officials disclosed that the FBI is already investigating the breach, in which hackers were able to install a backdoor on the government’s computer equipment.



Juniper officials released the information on the incident along with an emergency security patch, which they urged users to install immediately to update their systems.

U.S. officials added that the incident may be comparable to "stealing a master key to get into any government building," a key that hackers can use to access any company or government agency that used the equipment. They further stated that it is not yet clear how the Juniper source code was changed and whether it was an outside attack.

Clues point to sophisticated hackers

The fact that millions of lines of source code were altered, and that the hack went undiscovered for three years, makes it clear that the attackers were sophisticated, officials said.

Because of this sophistication, officials suspect that a foreign government is behind this attack.
Officials were still in the process of their investigation and therefore could not specify which country may have been involved or what damage the attack may have caused. The top suspected governments included China and Russia.

The Department of Homeland Security has been working with Juniper since the discovery of the breach.

Juniper’s security fix is intended to seal the backdoor used by hackers to remotely log into commonly used VPN networks. It’s believed the hackers' aim is to spy on communications between the government and private companies.

The company also considered the possibility that someone may have managed to get into its systems and write "unauthorized code" allowing the attackers to gain administrative access, giving them the capability to monitor encrypted traffic on the computer network and decrypt communications.

Affected users may include big companies in the U.S. and government agencies such as the Defense Department, Justice Department, FBI and Treasury Department. All were Juniper clients for computer network equipment and routers.

A company spokeswoman stated that a patch has been issued to affected customers. The company strongly advises users to update their systems. Juniper will also release a security fix for another bug that could allow an attacker to launch denial-of-service attacks on networks, the spokeswoman said.