![\"backdoor\"](\"https:\/\/hcsblogdotorg.files.wordpress.com\/2015\/12\/backdoor.jpg?w=620\")
<\/p>\n<\/p>\n
ENCRYPTION BACKDOORS HAVE <\/span>been a hot topic in the last few years\u2014and the controversial issue got even hotter after the terrorist attacks in Paris and San Bernardino, when it\u00a0dominated media headlines<\/a>. It even came up during this week\u2019s Republican presidential candidate debate<\/a>. But despite all the attention focused on backdoors lately, no one noticed that someone had quietly installed backdoors three years ago in a core piece of networking equipment used to protect corporate and government systems around the world.<\/p>\n On Thursday, tech giant Juniper Networks revealed in a\u00a0startling announcement<\/a> that it had found \u201cunauthorized\u201d code embedded in an operating system running on some of its firewalls.<\/p>\n The code, which appears to have been in multiple versions of the company\u2019s ScreenOS software going back to at least August 2012, would have allowed attackers to take complete control of Juniper NetScreen firewalls<\/a> running the affected software. It also would allow attackers, if they had ample resources and skills, to separately decrypt encrypted traffic running through the Virtual Private Network, or VPN, on the firewalls<\/a>.<\/p>\n \u201cDuring a recent internal code review, Juniper discovered unauthorized code in ScreenOS that could allow a knowledgeable attacker to gain administrative access to NetScreen devices and to decrypt VPN connections,\u201d Bob Worrall, the companies\u2019 CIO wrote in a post. \u201cOnce we identified these vulnerabilities, we launched an investigation into the matter, and worked to develop and issue patched releases for the latest versions of Screen OS.”<\/p>\n