A TOP-SECRET document dated February 2011 reveals that British spy agency GCHQ, with the knowledge and apparent cooperation of the NSA, acquired the capability to covertly exploit security vulnerabilities in 13 different models of firewalls made by Juniper Networks, a leading provider of networking and Internet security gear.
The six-page document, titled “Assessment of Intelligence Opportunity – Juniper,” raises questions about whether the intelligence agencies were responsible for or culpable in the creation of security holes disclosed by Juniper last week. While it does not establish a certain link between GCHQ, NSA, and the Juniper hacks, it does make clear that, like the unidentified parties behind those hacks, the agencies found ways to penetrate the “NetScreen” line of security products, which help companies create online firewalls and virtual private networks, or VPNs. It further indicates that, also like the hackers, GCHQ’s capabilities clustered around an operating system called “ScreenOS,” which powers only a subset of products sold by Juniper, including the NetScreen line. Juniper’s other products, which include high-volume Internet routers, run a different operating system called JUNOS.
The possibility of links between the security holes and the intelligence agencies is particularly important given an ongoing debate in the U.S. and the U.K. over whether governments should have backdoors allowing access to encrypted data. Cryptographers and security researchers have raised the possibility that one of the newly discovered Juniper vulnerabilities stemmed from an encryption backdoor engineered by the NSA and co-opted by someone else. Meanwhile, U.S. officials are reviewing how the Juniper hacks could affect their own networks, putting them in the awkward position of scrambling to shore up their own encryption even as they criticize the growing use of encryption by others.