Cisco Systems, Inc. (NASDAQ:CSCO) initiated additional product reviews to look for unauthorized code after Juniper Networks (NYSE:JNPR) revealed a majority security breach on its firewall software, making it vulnerable to cyberattacks.
Juniper Networks found an unauthorized code in in the operating system (ScreenOS), which the company uses to manage firewalls sold to customers. According to the company, the unauthorized cod could allow attackers to gain administrative access to NetScreen devices and to decrypt VPN connections.
The incident prompted Cisco Systems to launch further review on its products to determine any similar malicious modification. The Federal Bureau of Investigation (FBI) and Department of Homeland Security (DHS) are investigating the security breach at Juniper Networks.
DHS spokesman S.Y. Lee said, “As we routinely do when such vulnerabilities are brought to light, we are assessing the potential impact, if any, on federal networks, and will take any appropriate mitigation measures in close coordination with interagency partners.”
No indication of unauthorized code on Cisco products
In a blog post, Anthony Grieco, senior director, Security and Trust Organization are Cisco said there are no indications of unauthorized code on their products.
“We have seen none of the indicators discussed in Juniper’s disclosure. Our products are the result of rigorous development practices that place security and trust at the fore. They also receive continuous scrutiny from Cisco engineers, our customers, and third party security researchers, contributing to product integrity and assurance,” wrote Grieco.
He added that the company’s normal practices should detect unauthorized software. However, he acknowledged that no process can eliminate all risks. Cisco’s engineers performed additional reviews including penetration testing and code reviews.
Grieco emphasized that Cisco launched the additional review voluntarily because its customers trust is very important. He added, “We have not been contacted by law enforcement about Juniper’s bulletin, and our review is not in response to any outside request. We are doing this because it’s the right thing to do.”
Other tech companies expected to launch similar investigations
Security experts suggested that other technology companies are expected to perform similar investigations. They also noted that it was the first time a major technology company discovered an unauthorized code or backdoor that could trigger cyberattacks.
HD Moore, chief research officer at Rapid7 Inc., said, “I can’t imagine there is a major vendor that isn’t doing a major code audit now.”
Technology companies conduct regular code reviews for bugs including back doors, which are used by malicious hackers to launch cyberattacks on customer networks.
Moore noted that such reviews are focused on unintentionally created back doors, not those that were inserted without the knowledge of manufacturers. He said,
“The challenge is that nobody has been looking for this in the past. If you know you are looking for a malicious backdoor, you have a much better chance of finding something.”