In a recent announcement, Juniper Network acknowledged that its team had found unauthorized code in some of its software, meaning a back door had been left wide open for hackers who would presumably cover their tracks. This code may have compromised users’ VPNs, and has prompted the FBI to launch an investigation.
In the past year there have been approximately seven hundred large-scale data breaches that have compromised more than 125 million individual consumers’ personal data records. Two of these hacking events–the federal government’s Office of Personnel Management and the Sony Pictures breaches–included some high-profile accounts and were thought to be the work of state-sponsored foreign operatives. In those two events alone almost sixty million different files were compromised; in the case of the OPM hack, 21 million people–four million of whom work for the government and had submitted their birth dates, Social Security numbers, and more–were affected.
With this recent announcement, more than just consumer records is under attack. With the ability to breach a user’s VPN, their internet activity is also under fire. This is especially alarming as VPNs are often touted as one of the safest measures to take when trying to prevent internet spying, identity theft, loss of proprietary information, and trolling. Juniper Network, who supplies software solutions to the US government (among other clients), has now prompted an investigation by the FBI to determine if any sensitive communications or files have been breached or if encrypted documents or emails have been opened, especially by foreign operatives.
Juniper has announced the release of a patch for the vulnerable software, which includes firewall protections and the aforementioned VPNs, and has urged all of its customers to secure their software with the patch as soon as possible. The patch is now available via the company’s website. So far, the company is unaware of any actual hacking activity as a result of the vulnerability, but is aware of the possibility.