Newly discovered hack has U.S. fearing foreign infiltration
Source: CNN
Washington (CNN)A major breach at computer network company Juniper Networks has U.S. officials worried that hackers working for a foreign government were able to spy on the encrypted communications of the U.S. government and private companies for the past three years.
The FBI is investigating the breach, which involved hackers installing a back door on computer equipment, U.S. officials told CNN. Juniper disclosed the issue Thursday along with an emergency security patch that it urged customers to use to update their systems "with the highest priority."
The concern, U.S. officials said, is that sophisticated hackers who compromised the equipment could use their access to get into any company or government agency that used it. One U.S. official described it as akin to "stealing a master key to get into any government building."
The breach is believed to be the work of a foreign government, U.S. officials said, because of the sophistication involved. The U.S. officials said they are certain U.S. spy agencies themselves aren't behind the back door. China and Russia are among the top suspected governments, though officials cautioned the investigation hasn't reached conclusions.
Read more: http://www.cnn.com/2015/12/18/politics/juniper-networks-us-government-security-hack/index.html
Greenwald and Snowden blah, blah blah... You know the rest...
JimDandy
(7,318 posts)bemildred
(90,061 posts)notadmblnd
(23,720 posts)of INSLAW and it's PROMIS software scandal.
saidsimplesimon
(7,888 posts)Are Da'esh members using "unbreakable encryption" as we are being told by the President's administration? Is it better than our trillion dollar security boondoggles?
Juniper Networks has U.S. officials worried that hackers working for a foreign government were able to spy on the encrypted communications of the U.S. government and private companies for the past three years.
PosterChild
(1,307 posts)... if they were able to install software on the security systematic they would be able to snoop regardless of the strength of the encryption. For imstance, if the serve waste being used today's store the encryption keys, and they got accessdate today they keys, the leveling of encryption would not be significant.
Think office a key stroke logger secretly installed once am ipad. Regardless of them emailed emcryption, the logger would provide a record of what was typed before it was encrypted and sent.
ilTupe
(12 posts)Going to happen constantly during the rest of my life.
LiberalArkie
(15,728 posts)As they always do.
Phlem
(6,323 posts)just scare people and make more money for the MIC.
Let me guess, what are we going to do about the problem? A: Well it's going to take money to yadda yadda yadda.
Like they are ever going to go public with the true details. We'll never know, but just because they said.........
It's an effing bottomless pit.
ToxMarz
(2,169 posts)Zorro
(15,749 posts)Encrypted communications are pretty secure, so this exploit may not be as damaging as this breathless report suggests.
PersonNumber503602
(1,134 posts)The other gives remote admin access via ssh. :/
PersonNumber503602
(1,134 posts)Are they giving any information out about how they believe this happened? It sounds like this isn't just a typical security bug, but rather code that was intentionally made insecure. Employee/Contractor? Hackers who broke in and modified it secretly? Aliens?