Last week, network hardware manufacturer Juniper revealed that it had found unauthorized code in its system firmware that made it possible for hackers to gain administrative access to its devices. It’s possible that the firmware has been vulnerable for years.
It also reveals that the British intelligence agency GCHQ was able to exploit these flaws in 13 different Juniper products.
While the document doesn’t establish a clear link between the NSA, the GCHQ and the recently disclosed vulnerability, it proves that the NSA knew about flaws in Juniper’s network gear that could be exploited to gain access to administrative capabilities and didn’t say a thing about it. Rather, it left the backdoor open for anyone, including itself, to gain easy entry.
It’s also worth noting that the security holes mentioned in the document aren’t the same as the one Juniper says it only just learned about, as those pertained to older versions of firmware.
The document, authored by an NSA employee who was working with GCHQ, also suggests that the UK and US intelligence agencies used their knowledge of flaws in Juniper firmware to repeatedly penetrate them for surveillance:
“Juniper technology sharing with NSA improved dramatically during [calendar year] 2010 to exploit several target networks where GCHQ had access primacy.”
It isn’t clear how these security flaws were introduced in Juniper’s software, and who was responsible. There’s been speculation about whether the UK, China or the NSA are to blame — but today’s revelation strongly suggests that it might have been the US.
➤ NSA helped British spies find security holes in Juniper firewalls [The Intercept]