Tech companies investigate reports of NSA backdoors in products
Some of the top technology companies – whose products have been reported by Germany-based news group Der Spiegel as containing NSA backdoors – have denied allegations of being involved and are conducting investigations.
The Der Spiegel reports are based on leaked documents, which reveal that network equipment company Juniper Networks had several compromised products, including the SSG 300 and SSG 500 series firewalls, the Juniper Netscreen NSG5T, NS25, NS50, and ISG1000, and the Juniper J-series and M-series routers.
“We take allegations of this nature very seriously and are working actively to address any possible exploit paths,” Cindy Ta, a Juniper spokesperson, told SCMagazine.com in a Monday email. “[We] are committed to maintaining the integrity and security of our products. We are also committed to the responsible disclosure of security vulnerabilities, and if necessary, will work closely with customers to implement any mitigation steps.”
The Der Spiegel reports began coming out on Dec. 29 and highlight an NSA special department known as Tailored Access Operations (TAO), which is said to employ more than a thousand hackers. Ta said Juniper only recently became aware of alleged security compromises of technology products, some dating back to 2008.
“Juniper Networks is not aware of any so-called “BIOS implants” in our products and has not assisted any organization or individual in the creation of such implants,” Ta said. “Juniper maintains a Secure Development Lifecycle, and it is against Juniper policy to intentionally include “backdoors” that would potentially compromise our products or put our customers at risk.”
Chinese networking and telecommunications equipment and services company Huawei was also named in the secret documents as having NSA backdoors in its products, including the Eudemon 200, 500 and 1000 series firewalls, as well as the company's routers.
“As we have said in the past, threats to network and data integrity can come from any and many sources,” William Plummer, vice president of external affairs, told SCMagazine.com in a Monday email. “While the security assurance programs we have in place are designed to deter and detect such malicious activity, we will conduct appropriate audits to determine if any compromise has taken place and to implement and communicate any fixes as necessary.”
The Cisco 500 series PIX firewalls and ASA firewalls, as well as the Dell PowerEdge 1850, 2950, 2850 and 2950 RAID servers, were also ousted in the documents as having been compromised. John Stewart, Cisco's chief security officer, responded in a statement posted to the company website.
“On Monday, Dec. 30th, Der Spiegel magazine published additional information about the techniques allegedly used by NSA TAO to infiltrate the technologies of numerous IT companies,” according to Stewart's blog. “As a result of this new information coming to light, the Cisco Product Security Incident Response Team has opened an investigation.”
[This story has been updated to reflect that Juniper only recently became aware of alleged security compromises in its products, and not actual security compromises.]