Security glitches may leave US exposed
Researchers have suggested that two security flaws that lay undiscovered in Juniper Networks’ widely used corporate virtual private network (VPN) software for three years could have exposed sensitive information to foreign governments or criminal groups.
The vulnerabilities were in the form of ‘unauthorised code’ discovered during a recent internal code review and announced on 17th December. One of the flaws could have allowed hackers to decrypt information passing through Juniper’s devices, including equipment for a secure network used by companies internally.
The FBI is investigating the breach, which involved hackers installing a back door on computer equipment. Along with the announcement Juniper disclosed an emergency security patch that it urged customers to use to update their systems ‘with the highest priority'.
The concern, US officials said, is that sophisticated hackers who compromised the equipment could use their access to get into any company or government agency that used it. One US official described it as akin to “stealing a master key to get into any government building.”
It’s not yet clear what, if any classified information could be affected, but US officials said the Juniper Networks equipment is so widely used that it may take some time to determine what damage was done.
Featured products
MAX17793
Analog Devices Inc.
3V to 80V, 3A, High-Efficiency, Synchronous Step-Down DC-DC Converter
| SKU: | MAX17793 |
|---|---|
| Stock: | 9316 |
| Cost: | $3.64 |
MAX22516
Analog Devices Inc.
IO-Link Data Link Controller with Transceiver and Integrated DC-DC
| SKU: | MAX22516 |
|---|---|
| Stock: | 8000 |
| Cost: | $5.42 |
