In 2015, Juniper, the world's second-largest network equipment maker (after Cisco), announced the discovery of two backdoors that allow a skilled attacker administrative access to NetScreen devices and decryption of VPN connections. The company issued a patch and promised an investigation. Five years later, nothing is publicly known about that investigation, and thirteen U.S. senators are now demanding answers.
One of the vulnerabilities granted administrator access to the equipment through a hard-coded password embedded in the code; the other relied on a deliberately weakened component of the VPN encryption. That weakness lets a skilled attacker decrypt intercepted traffic even without possessing the encryption keys.
It involved the lesser-known Dual_EC_DRBG random number generation algorithm, developed by the US National Security Agency (NSA), whose eavesdropping became widely known through Edward Snowden's disclosures. As early as 2006, security experts warned that the algorithm allows whoever chose its constants to build in an eavesdropping mechanism, yet it was nevertheless approved under the US Federal Information Processing Standards (FIPS) certification. Juniper continued to use the algorithm without informing the public.
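The warning the experts raised in 2006 is easiest to see on a toy scale. The following is an added illustration, not code from the article, from Juniper, or from any real product: it models Dual_EC_DRBG on the textbook curve y^2 = x^3 + x + 6 over GF(11) (13 points, prime order) instead of the real NIST P-256, keeps the whole x-coordinate instead of dropping the top 16 bits, and uses constructed values for the seed and the trapdoor. The generator publishes x(r*Q); whoever knows a d with P = d*Q can lift that one output back to a curve point, multiply by d, and obtain the next internal state, after which every later output is predictable. Without d (an honestly generated Q with an unknown discrete log) the same observation is useless, which is exactly why a generator whose constants have no documented provenance is a risk to avoid rather than a product to certify.

```python
"""Toy model of the Dual_EC_DRBG trapdoor on a tiny curve (constructed example).

Curve: y^2 = x^3 + x + 6 over GF(11), 13 points (prime order), so every finite
point generates the whole group.  All numbers here are illustrative; the real
generator uses NIST P-256 and 256-bit coordinates.
"""
P_MOD = 11        # field prime
A, B = 1, 6       # curve coefficients (b = 6 is a non-residue, so no point has x = 0)
N = 13            # group order (prime)
P_POINT = (2, 7)  # the "P" of Dual_EC; base point of the generator
INF = None        # point at infinity


def inv(x):
    """Modular inverse in GF(p) via Fermat's little theorem."""
    return pow(x, P_MOD - 2, P_MOD)


def add(p, q):
    """Affine point addition on the curve (handles doubling and the identity)."""
    if p is INF:
        return q
    if q is INF:
        return p
    x1, y1 = p
    x2, y2 = q
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return INF                      # p + (-p)
    if p == q:
        lam = (3 * x1 * x1 + A) * inv(2 * y1) % P_MOD
    else:
        lam = (y2 - y1) * inv(x2 - x1) % P_MOD
    x3 = (lam * lam - x1 - x2) % P_MOD
    y3 = (lam * (x1 - x3) - y1) % P_MOD
    return (x3, y3)


def mul(k, p):
    """Double-and-add scalar multiplication; scalars are reduced mod the group order."""
    k %= N
    result, addend = INF, p
    while k:
        if k & 1:
            result = add(result, addend)
        addend = add(addend, addend)
        k >>= 1
    return result


def x_of(p):
    if p is INF:
        raise ValueError("point at infinity has no x-coordinate")
    return p[0]


def dual_ec_step(state, Q):
    """One Dual_EC_DRBG iteration: r = x(s*P); next state x(r*P); output x(r*Q)."""
    r = x_of(mul(state, P_POINT))
    next_state = x_of(mul(r, P_POINT))
    output = x_of(mul(r, Q))        # the real DRBG drops the top 16 bits; the toy keeps all
    return next_state, output


def dual_ec_outputs(seed, Q, count):
    """Run the generator from a seed (1..N-1) and return `count` outputs."""
    state, outs = seed, []
    for _ in range(count):
        state, out = dual_ec_step(state, Q)
        outs.append(out)
    return outs


def lift_x(x):
    """All curve points with the given x-coordinate (brute-force square root mod p)."""
    rhs = (x ** 3 + A * x + B) % P_MOD
    return [(x, y) for y in range(P_MOD) if (y * y) % P_MOD == rhs]


def recover_next_state(output, d):
    """Trapdoor use: from one output x(r*Q) and d with P = d*Q, compute x(r*P), the next state.
    Either lift of x works, because d*(-R) = -(d*R) shares the same x-coordinate."""
    R = lift_x(output)[0]
    return x_of(mul(d, R))


def make_trapdoor_q(e):
    """Constructed 'malicious' Q = e*P together with the trapdoor d = e^-1 mod N (so P = d*Q)."""
    return mul(e, P_POINT), pow(e, N - 2, N)


def demo(seed=5, e=4, count=12):
    """Observe a single output of a generator using the trapdoored Q and predict all later ones.
    Returns True when the prediction matches the generator's real output stream."""
    Q, d = make_trapdoor_q(e)
    outs = dual_ec_outputs(seed, Q, count)
    next_state = recover_next_state(outs[0], d)
    predicted = dual_ec_outputs(next_state, Q, count - 1)
    return outs[1:] == predicted


if __name__ == "__main__":
    print("future outputs predicted from one observation:", demo())
```

On the real curve the attacker additionally has to try the 2^16 candidate values for the truncated bits of each output, which is cheap; the toy omits that loop so that the core step (lift, multiply by d, read off the next state) stands alone.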
Among other things, the senators are asking how the company knew about the potential for wiretapping, which employees installed the algorithm, who led the company's internal investigation, what the results and recommendations of that investigation were, and whether the company has implemented them. The company has until July 10 to respond.
Let us recall that U.S. Attorney General William Barr has publicly argued that the U.S. government should be able to eavesdrop on encrypted traffic.