Your Business Been Hacked? Thanks NSA!

Peter Van Buren

 by We Meant Well

It appears that the NSA (“or someone”) hacked into the code of a popular firewall and planted a password in there that would allow them access as needed.

That means the NSA (“or someone”) would be able to bypass the security features of a network and do what they wanted inside. This is basically an act of sabotage. Given that American organizations as well as foreign ones use these same firewalls, and that the planted password could be discovered by others outside the NSA, the act made vulnerable a multitude of innocent, untargeted systems.

Juniper Networks makes a popular line of enterprise firewalls whose operating system is called ScreenOS. The company raised alarm bells with an advisory announcing that it had discovered “unauthorized code” in some versions of ScreenOS, a strange occurrence that hinted that a security agency had managed to tamper with the product before it shipped. One possible route would be for any such agency to have its own people inside the company, acting under cover.

An investigator for Juniper reported that he and his team have confirmed that the “unauthorized code” is a backdoor whose secret password enables the wielder to telnet or ssh into Juniper’s appliances. The password is <<< %s(un='%s') = %u, "presumably chosen so that it would be mistaken for one of the many other debug format strings in the code." Further investigation located 26,000 Juniper devices that are vulnerable to this attack until patched.

The code appears to have been in multiple versions of the company’s ScreenOS software going back to at least August 2012.

The next mystery to solve is where this unauthorized code comes from. In this case, someone deliberately inserted a backdoor password into Juniper's devices. Juniper says the hack is sophisticated enough that it had to have been made by a state-level actor. This was not done by your movie-version basement hacker.

“The weakness in the VPN itself that enables passive decryption is only of benefit to a national surveillance regime like the British, the U.S., the Chinese, or the Israelis,” said one researcher at the International Computer Science Institute and UC Berkeley. “You need to have wiretaps on the Internet for that to be a valuable change to make in the software.”

That’s a huge deal.

If it’s the NSA (which looks possible, given a Snowden leak about a program called FEEDTROUGH that installs persistent backdoors in Juniper devices) then it will mean that the U.S. government deliberately sabotaged tens, if not hundreds, of thousands of networks that were protected by products from a U.S. company that is the second-largest provider of networking equipment in the world (after Cisco).

Or was the second-largest provider. Discovery of the backdoor is unlikely to be good for business.


© 2021 Peter Van Buren

Peter Van Buren spent a year in Iraq as a State Department Foreign Service Officer serving as Team Leader for two Provincial Reconstruction Teams (PRTs). Now in Washington, he writes about Iraq and the Middle East at his blog, We Meant Well. His books include: "We Meant Well: How I Helped Lose the Battle for the Hearts and Minds of the Iraqi People" (2012) and "Hooper's War: A Novel of Moral Injury in WWII Japan" (2017).
