Your Business Been Hacked? Thanks NSA!

Peter Van Buren

 by We Meant Well

It appears that the NSA (“or someone”) hacked into the code of a popular firewall and planted a password in there that would allow them access as needed.

That means the NSA (“or someone”) would be able to bypass the security features of a network and do what they wanted inside. This is basically an act of sabotage. Given that American organizations as well as foreign ones use these same firewalls, and that the planted password could be discovered by others outside the NSA, the act made vulnerable a multitude of innocent, untargeted systems.

Juniper Networks makes a popular line of enterprise firewalls whose operating system is called ScreenOS. The company raised alarm bells with an advisory announcing that they’d discovered “unauthorized code” in some versions of ScreenOS, a strange occurrence that hinted that a security agency had managed to tamper with the product before it shipped. One possible route would be for any such agency to have its own people inside the company, acting under cover.

An investigator for Juniper reported that he and his team have confirmed that the “unauthorized code” is a backdoor whose secret password enables the wielder to telnet or ssh into Juniper’s appliances. The password is “<<< %s(un='%s') = %u”, “presumably chosen so that it would be mistaken for one of the many other debug format strings in the code.” Further investigation located 26,000 Juniper devices that are vulnerable to this attack until patched.

The code appears to have been in multiple versions of the company’s ScreenOS software going back to at least August 2012.

The next mystery to solve is where this unauthorized code comes from. In this case, someone deliberately inserted a backdoor password into Juniper's devices. Juniper says the hack is sophisticated enough that it had to have been made by a state-level actor. This was not done by your movie-version basement hacker.

“The weakness in the VPN itself that enables passive decryption is only of benefit to a national surveillance regime like the British, the U.S., the Chinese, or the Israelis,” said one researcher at the International Computer Science Institute and UC Berkeley. “You need to have wiretaps on the Internet for that to be a valuable change to make in the software.”

That’s a huge deal.

If it’s the NSA (which looks possible, given a Snowden leak about a program called FEEDTROUGH that installs persistent backdoors in Juniper devices), then it will mean that the U.S. government deliberately sabotaged tens, if not hundreds, of thousands of networks that were protected by products from a U.S. company that is the second-largest provider of networking equipment in the world (after Cisco).

Or was the second-largest provider. Discovery of the backdoor is unlikely to be good for business.


© 2021 Peter Van Buren

Peter Van Buren spent a year in Iraq as a State Department Foreign Service Officer serving as Team Leader for two Provincial Reconstruction Teams (PRTs). Now in Washington, he writes about Iraq and the Middle East at his blog, We Meant Well. His books include: "We Meant Well: How I Helped Lose the Battle for the Hearts and Minds of the Iraqi People" (2012) and "Hooper's War: A Novel of Moral Injury in WWII Japan" (2017).
