
If a Close US Ally Backdoored Juniper, Would NSA Tell Congress?

Marcy Wheeler

 by EmptyWheel

You may have heard that Juniper Networks announced what amounts to a backdoor in its virtual private networks products. Here’s Kim Zetter’s accessible intro of what security researchers have learned so far. And here’s some technical background from Matthew Green.

As Zetter summarizes, the short story is that some used weaknesses encouraged by NSA to backdoor the security product protecting a lot of American businesses.

They did this by exploiting weaknesses the NSA allegedly placed in a government-approved encryption algorithm known as Dual_EC, a pseudo-random number generator that Juniper uses to encrypt traffic passing through the VPN in its NetScreen firewalls. But in addition to these inherent weaknesses, the attackers also relied on a mistake Juniper apparently made in configuring the VPN encryption scheme in its NetScreen devices, according to Weinmann and other cryptographers who examined the issue. This made it possible for the culprits to pull off their attack.

As Green describes, the key events probably happened at least as early as 2007 and 2012 (contrary to the presumption of surveillance hawk Stewart Baker looking to scapegoat those calling for more security). Which means this can’t be a response to the Snowden document strongly suggesting the NSA had pushed those weaknesses in Dual_EC.

I find that particularly interesting, because it suggests whoever did this either used public discussions about the weakness of Dual_EC, dating to 2007, to identify and exploit this weakness, or figured out what (it is presumed) the NSA was up to. That suggests two likely culprits for what has been assumed to be a state actor behind this: Israel (because it knows so much about NSA from having partnered on things like StuxNet) or Russia (which was getting records on the FiveEyes’ SIGINT activities from its Canadian spy, Jeffrey Delisle). The UK would be another obvious guess, except an Intercept article describing how NSA helped UK backdoor Juniper suggests they used another method.

Which leads me back to an interesting change I noted between CISA — the bill passed by the Senate back in October — and OmniCISA — the version passed last week as part of the omnibus funding bill. OmniCISA still required the Intelligence Community to provide a report on the most dangerous hacking threats, especially state actors, to the Intelligence Committees. But it eliminated a report for the Foreign Relations Committees on the same topic. I joked at the time that that was probably to protect Israel, because no one wants to admit that Israel spies and has greater ability to do so by hacking than other nation-states, especially because it surely learns our methods by partnering with us to hack Iran.

Whoever hacked Juniper, the whole incident offers a remarkable lesson in the dangers of backdoors. Even as FBI demands a backdoor into Apple’s products, it is investigating who used a prior US-sponsored backdoor to do their own spying.


© 2021 EmptyWheel.net
Marcy Wheeler

Marcy Wheeler is a journalist who writes the blog Emptywheel. She publishes at various outlets including the Guardian, Salon and the Progressive. Wheeler won the 2009 Hillman Award for blog journalism.
