(Cyberwar.news) The U.S. government fears sensitive data may have been breached over a three-year period following the discovery of a major cybersecurity lapse at Juniper Networks, a private encrypted communications software firm, CNN reported.
U.S. officials believe that a foreign government was behind the hack, enabling it to spy on encrypted communications of the U.S. government and private firms that use Juniper Networks equipment.
The FBI is investigating the breach after Juniper disclosed the incident last week, along with an emergency security patch that it heavily recommended customers to install “with the highest priority.”
Federal officials and the company say it appears as though hackers entered through back doors installed on computer equipment.
Officials said they are concerned that sophisticated hackers who breached the equipment may have used their access to violate the systems of any company or government agency that used it.
One U.S. official compared the incident to “stealing a master key to get into any government building,” according to CNN.
The news network further reported:
The breach is believed to be the work of a foreign government, U.S. officials said, because of the sophistication involved. The U.S. officials said they are certain U.S. spy agencies themselves aren’t behind the back door. China and Russia are among the top suspected governments, though officials cautioned the investigation hasn’t reached conclusions.
Officials familiar with the breach said they don’t yet know the extent of the data compromise. However, they added that Juniper Networks equipment is used so widely that it likely will take awhile to determine how much damage has been done.
A senior administration official told CNN, “We are aware of the vulnerabilities recently announced by Juniper. The Department of Homeland Security has been and remains in close touch with the company. The administration remains committed to enhancing our national cybersecurity by raising our cyber defenses, disrupting adversary activity, and effectively responding to incidents when they occur.”
Juniper Networks sells computer networking equipment and routers to big corporations and the U.S. government. Clients include the Department of Defense, the Justice Department, FBI and Treasury Department.
On its web site the firm boasts it provides networks that “U.S. intelligence agencies require.”