US investigates NSA role in Juniper hack

The US Congress is investigating the possibility that the National Security Agency may have been involved in developing a backdoor in the ScreenOS software of Juniper Networks network equipment.

It has previously been suggested that the NSA has had to deal with setting a weakened encryption algorithm in the software. Now a special committee of Congress will investigate whether that was indeed the case. This month, the committee sent letters to 24 government agencies to ask if they were using Juniper equipment and whether the equipment was running ScreenOS software.

The initial goal of the investigation was to find out if hackers could have entered government agencies. If it turns out that a government agency actually provided the backdoor, that would change the entire debate, said Will Hurt, a Republican from Texas, in an interview with Reuters. What would play into this is that the first vulnerability in the software was based on a technique devised by the NSA.

Hurt believes that the US government itself should not ask to implement techniques to weaken security that are also used by the government itself. Juniper hasn’t said how the code ended up in the software, but major customers may have demanded that some code be included as part of a contract, former employees told Reuters. The NSA would be a logical suspect for added code from 2008, but a security researcher at the International Computer Science Institute thinks the code from 2012 and 2014 may have been inserted by other countries.

Pieces of code found in December meant that VPN connections running through ScreenOS were not secure. The algorithm that was in the software is called Dual_EC_DBRG. As early as 2007, it was discovered that the algorithm is not secure.