Juniper Networks cut back on their threat list

0
314

After the recent security threat to its ScreenOS, Juniper Networks were relieved to inform their customers that the issue was not as widespread as initially believed. The threats posed to the security were relatively less than company had supposed.
The firm had raised an alarm and issued warning to their customers regarding a breach of security. An unauthorized code was discovered in ScreenOS which was could potentially give access to hackers and allow them control over the administrative servers. The attacker just had to decrypt the virtual private network (VPN) or directly go through Netscreen which would grant administrative access.
Both the issues regarding the virtual private network and administrative control were unrelated to each other. Initially, Juniper advised their customers to fix their systems accordingly; the administrative access code would affect the ScreenOS6.30r12 to 6.30r20, while the VPN decryption code would affect ScreenOS 6.20r15 to 6.20r18.
Upon further investigation, the company discovered that the threat to the system was not as extensive as they had believed to be. Administrative Access code only affected ScreenOS 6.3.0r17 to 6.3.30r20 and the VPN decrypting code affected the CreenOS 6.2.0r15 to 6.2.0r18, as well as 6.3.0r12 to 6.3.0r20. The customers were to prioritize a system upgrade and fix any issues immediately.
NSA fears
The system breached once again reminded people about the allegations that surfaced when Edward Snowden revealed about the government supposedly prying on people through internet. S nowden claimed that a number of government spy agencies, namely NSA was accessing private information of various people through different networks.
This claim created quite a stir among the general public. Now when this incident happened with Juniper, a number of questions were raised regarding a connection between the unauthorized codes and secret government surveillance.
Some technical experts were of the view that since the NSA had the capability to break through firewalls and spent quite a lot of time perfecting such technical innovations; they could very well be behind this security threat.
The company strongly denied any government control over their networks. It claims to work individually and takes the security and integrity of their products very seriously.
Solutions
Technical experts believe that such problems have been on a rise in recent times. However, they are reluctant to name any government agency or state actor as part of such issues. While it is clear that network system and equipment providers are being targeted, sometimes knowingly and sometimes not, but it is unclear as to what or who the culprit is.
It was suggested that a solution to the problem could be an open source model. If the code running at the core of the system was shifted towards an open source, this type of invasion or breach of security could be prevented.
This would result in more people monitoring the code, which could ultimately prevent hacking attempts and prompt better detection. As far as Juniper is concerned, it has nothing to worry about. Many of the big network systems have at one point or another suffered from a security breach, and it was likely that the effect of one on Juniper would also be short term.

LEAVE A REPLY

Please enter your comment!
Please enter your name here