Connect with us

Activism

Top Secret Document Indicates NSA Knew Of Juniper Vulnerabilities In 2011

Published

on

Juniper Networks, a Sunnyvale, Calif-based network hardware manufacturer that last week reported finding an unauthorized code in its firmware making it possible for hackers to access its devices, could have been vulnerable for several years, based on a top-secret document released by Intercept, a website dedicated to transparency in government and corporate institutions. The document, shared by Edward Snowden, indicates the National Security Agency (NSA) was aware of its Juniper’s vulnerabilities since 2011.

Juniper’s admission last week that an unauthorized party added code to its firmware used in its NetScreen devices is a “huge admission” as it could allow attackers to gain access to devices and to decrypt virtual private network (VPN) connections, according to TheNextWeb. Juniper builds network hardware that is used by companies worldwide.

Does Juniper Know When Code Came?

The fact that Juniper either does not know or will not admit when the software was added (or by whom) is concerning, according to TNW. Juniper has released a patch for NetScreen devices, but there is no way to detect an attack.

The document newly released by Intercept indicates that NSA was aware of Juniper vulnerabilities since 2011 and that GCHQ, the U.K. intelligence agency, was able to exploit these flaws.

Compromising the connections that Juniper products protect would yield access to highly-sensitive information, HD Moore, chief research officer at Rapid7, a Boston, Mass.-based IT security provider, told The Verge. The number of devices vulnerable to Juniper’s “backdoors” are estimated at around 26,000.

GCHQ, with the cooperation of the NSA, gained the capability to exploit security vulnerabilities in 13 different models of Juniper firewalls, according to the document, which is dated Feb.3, 2011.

Document Raises Big Questions

Titled “Assessment of Intelligence Opportunity – Juniper,” the six-page document raises questions about whether the intelligence agencies were culpable for creating the security holes disclosed by Juniper last week, according to the Intercept article by Ryan Gallagher and Glenn Greenwald.

The document indicates the agencies, unlike the unidentified parties responsible for the hacks, were able to penetrate the NetScreen security products that allow companies to build firewalls for VPNs. It also indicates that GCHQ capabilities clustered around “ScreenOS,” an operating system that only powers a subset of Juniper products such as the NetScreen line.

Juniper’s other products, such as Internet routes, run on JUNOS, a different operating system.

The document does not indicate a specific link between GCHQ, NSA and the Juniper hacks.

But any possible links between the intelligence agencies and the security vulnerabilities are relevant on account of a current debate in the U.K. and the U.S. over government backdoors that enable access to encrypted data.

Did NSA Help Create A Backdoor?

Security researchers and cryptographers have noted that a newly-discovered Juniper vulnerability could have come from a NSA-engineered encryption backdoor and co-opted by someone else.

U.S. officials, meanwhile, are reviewing how the Juniper hacks could impact their own networks, which puts them in a position of trying to protect their own encryption while they criticize others for encryption.

NSA seal

The document’s author, a NSA employee who worked as part of an “Access Strategy Team” with GCHQ, expresses an adversarial position about encryption by referring to Juniper as a “target” and a “threat” as it provides technology to shield data from eavesdropping.

While not suggesting security agencies should help U.K. and U.S. firms fix digital defenses, the document claims the agencies should keep up with Juniper technology to pursue signals intelligence, known as SIGINT.

Why Juniper Matters

The threat, according to the document, comes from Juniper’s emphasis on being a security leader. Juniper is “at the core” of the Internet in many nations, the document notes. As telecom companies move to all IP networks, Juniper will play a bigger role in converged networks.

If the SIGINT community lags, it could take years to regain a Juniper router access capability or firewall if Juniper rapidly grows its security.

The document sheds light on NSA’s secret attempts to make sure it can monitor information flowing through Juniper products, which are used by banks, Internet providers, government agencies and universities. Juniper is a technology at the Internet core in many nations, including some considered having high priority for spying: China, Pakistan and Yemen.

Also read: Is the NSA using zero-day exploits before reporting them?

GCHP And NSA: No Comment

In response to requests for comment by Intercept, GCHP said the agency does not comment on intelligence matters and abides by a strict legal framework.

NSA did not respond to a request for comment on Tuesday.

Juniper, for its part, said it operates with the highest ethical standards and is committed to the security, integrity and quality of its products. The company said it does not intentionally have backdoors that can compromise its products or place customers at risk. It further said it does not work with other parties to add vulnerabilities to its products.

Two New Juniper Vulnerabilities

In last week’s announcement, Juniper reported having found “unauthorized code” in ScreenOS that allowed for two vulnerabilities. One vulnerability first emerged in an August 2012 release that can allow access to encrypted data sent over VPNs. The other vulnerability surfaced in a December 2014 release and enables an attacker to administer a firewall remotely, resulting in a full compromise of the device. These vulnerabilities existed in ScreenOS released through October of this year at least.

The first of these vulnerabilities can enable eavesdropping on VPNs, according to Intercept. This vulnerability has resulted in an online discussion among security professionals.

Matthew Green, a Johns Hopkins professor, and Ralf-Philipp Weinmann, a security researcher, said an attacker apparently subverted a backdoor shown from previously-disclosed Snowden documents to have come from NSA. It seems the attacker tampered with a 32-byte value that seeded generation of random numbers that are used to process encrypted ScreenOS data. ScreenOS uses the value as part of a system for Dual Elliptic Curve Deterministic Random Bit Generator, a random number generation.

The default 32-byte value is believed to be generated by NSA.

In the wake of the Snowden revelations on the standard, Juniper said it replaced the 32-byte value with its self-generated basis points. Hence, the attacker would have changed Juniper’s replacement of NSA’s 32-byte value.

2011 Concerns Not Tied To New Ones

The document indicates the 2011 capabilities against Juniper do not connect to the recently-uncovered vulnerabilities, according to Matt Blaze, director of the University of Pennsylvania’s Distributed Systems Lab and a cryptographic researcher. The 2011 assessment indicates reverse engineering could be needed depending on firmware revisions that impact targeted NetScreen firewall models.

The exploit capabilities in the 2011 document were consistent with “FEEDTROUGH,” a program revealed in 2007 in a document published next to a Der Spiegel article, Blaze said.

Intelligence agencies used the security holes identified in Juniper devices to penetrate them for surveillance repeatedly, the document notes. Juniper technology shared with NSA improved significantly in 2010 to exploit several targeted networks in which GCHQ had primary access.

A Complication And An Opportunity

Since Juniper is a U.S.-based firm, the assessment notes there is complication and opportunity in targeting the technology. There is potential to leverage a corporate relationship if one exists with NSA, the document states. GCHQ attempts to exploit Juniper have to start with close coordination with NSA, it adds.

GCHQ has an existing exploit capability against 13 Juniper models. All of the models run ScreenOS: ISG2000, ISG1000, SSG140, SSG20, SSG5, NS5000, NS5200, NS208, NS204, NS500, N25, and NS5gt.

The agency was developing another surveillance capability to hack the Juniper M320 routers designed for use by Internet providers.

The ability to exploit Juniper firewalls and servers will pay dividends for years, the document says.

Images from Shutterstock and Wikimedia.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this.
Loading...

3.9 stars on average, based on 8 rated postsLester Coleman is a veteran business journalist based in the United States. He has covered the payments industry for several years and is available for writing assignments.




Feedback or Requests?

Activism

Stock Pick: Philip Morris

Published

on

Philip Morris International Incorporated is an American multinational firm that manufactures cigarettes and tobacco. Its products including its best-seller Marlboro cigarettes that are sold in over 180 countries around the world. The company has a diverse workforce of over 81,000 employees and touts an estimated 150 million consumers worldwide. In 2017, Philip Morris generated 7.8 billion dollars in revenues.

Technical Analysis of Philip Morris (PM)

PM looked toppish in June 2017 when it failed to take out resistance of $120 after two attempts. On top of that, the stock was trading in extreme overbought territory on the weekly chart. These were indications that bulls were exhausted.

Things went from bad to worse when the stock breached support of $110. This activated the head and shoulders reversal pattern on the daily chart and effectively reversed the trend. The downtrend saw PM drop to as low as $76.21 in June 2018. However, it appears that the worst may be over for the stock.

Technical analysis show that PM is respecting key support of $78. Bulls have defended this level since February 2012. It looks like they will continue to take control of this price level, especially after PM successfully backtested the support in August 2018.

In addition, we can see the weekly RSI breakout from its own falling wedge pattern. This is an indication that bulls are significantly gaining momentum.

Fundamental Analysis of Philip Morris (PM)

In addition, we have fundamental analysis to back up our bullish view. PM’s trailing twelve month price to earnings ratio stands at 19.78. The stock is still relatively undervalued considering that it has a five-year maximum of 28.51. This suggests that investors are generally willing to pay more for PM stocks.

On top of that, Zacks reports that Philip Morris beat expert projections for the second quarter of 2018. Analysts estimated that PM would generate revenues of $7.528 million and an earnings per share (EPS) of $1.23. However, PM brought in revenues of $7.726 million and an EPS of $1.41. With these developments, even the Wall Street Journal is overweight on the stock as they published a target price of $93.27.

The strategy is to buy as close to $78 support as possible. If bulls can successfully defend the support, then PM might be able to rally to our target of $95.

The timeline for the target is less than six months.

Weekly PM Chart

Monthly PM Chart

As of this writing, the Philip Morris International Incorporated stock (PM) is trading at 81.93.

Summary of Strategy

Buy: As close to 78 support as possible.

Target: 95

Stop: Close below 76.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this.
Loading...

3.9 stars on average, based on 330 rated postsKiril is a CFA Charterholder and financial professional with 5+ years of experience in financial writing, analysis and product ownership. He has passed all three CFA exams on first attempt and has a bachelor's degree with a specialty in finance. Kiril’s current focus is on cryptocurrencies and funds, as he does his own crypto research and is a Product Manager at Mitre Media. He also has his personal website, InvestorAcademy.org where he teaches people about the basics of investing. His ultimate goal is to help people with limited knowledge of finance and investments to create investment portfolios easily, and in line with their unique circumstances.




Feedback or Requests?

Continue Reading

Activism

Alleged FBI Hacker Lauri Love Ordered to US Extradition by UK Home Secretary

Published

on

The long-running court saga of Lauri Love, a British hacker and activist accused of compromising and stealing data from the likes of the FBI, NASA and the US Federal Reserve has been ordered by the UK’s home secretary for his extradition to the United States.

31-year-old Love who has Asperger’s syndrome launched a legal challenge to avoid his extradition to the U.S., following a court ruling by a UK judge in September 2016. Love, who suffers from depression and eczema argued against the extradition ruling, claiming it could lead him to a mental breakdown or suicide. Despite his plea, the ruling district judge, Nina Tempia, determined that Love would be cared for by medical facilities in the United States, while accepting that Love suffered “both physical and mental issues.”

On the other side of the pond, Love potentially faces legal proceedings in three different US jurisdictions, reports the Guardian. Meanwhile, the UK home secretary had been given a deadline of November 16, in order to decide if Love was to be extradited or not. A day before the deadline, Rudd signed the order for Love’s extradition to the US. His lawyers believe he faces up to 99 years in prison if convicted of charges related to hacking.

The UK Home Office stated that Rudd had “carefully considered all relevant matters” before ruling:

[Love] has been charged with various computer hacking offences which included targeting US military and federal government agencies.

The case drew parallels to that of Gary McKinnon, a British hacker whose extradition to the US was blocked by Theresa May in 2012, as the home secretary at the time.

Love’s legal battle with the ruling garnered support from The Courage Foundation, whose acting director Sarah Harrison stated:

The US has ruthlessly persecuted hackers and digital activists for years, and nobody expects that to improve under President Trump. Theresa May set a good example by protecting Gary McKinnon back in 2012. For a home secretary in her government now to willingly send a brilliant and vulnerable UK citizen to Donald Trump’s America beggars belief.

Love was bailed earlier this year in June when US prosecutors were already doing plenty to extradite him stateside.

Lori’s alleged hacking endeavors were a part of #Oplastresort, an operation by Anonymous, the global hacktivist collective. This particular operation was in response to the treatment endured by Aaron Swartz a prominent programmer and hacktivist. Swartz faced 35 years In prison, asset forfeiture and a million dollars in fines with two counts of wire fraud. Swartz committed suicide for his alleged computer crimes.

Love’s legal defense is certain to bring up the unfortunate series of events that led to Swartz committing suicide under the threat of persecution. Love has 14 days to appeal against Rudd’s order and will almost certainly do so.

Images from YouTube/AP.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this.
Loading...

4 stars on average, based on 1 rated postsSamburaj is the contributing editor at Hacked and keeps tabs on science, technology and cyber security.




Feedback or Requests?

Continue Reading

Activism

WikiLeaks: Podesta Received E-mails On Extraterrestrial Disclosure

Published

on

While most fallout from the Podesta emails has been political, there are extraterrestrial implications for some of the e-mails released by whistleblower source WikiLeaks. 

An email on behalf of Apollo astronaut Dr. Edgar Mitchell to Clinton campaign chairman John Podesta turned up in the recent data dumps. The email was sent by Rebecca Wright of the Institute of Exoconsciousness. 

Mitchell requested in an email dated July 29, 2014 to meet with President Barack Obama to discuss extraterrestrial disclosure, but was partially rebuffed.

“Fifty years ago Battelle, Brookings and RAND studies on UFOs convinced the government to remove knowledge of the extraterrestrial presence from the citizens of our country. These organizations advised with their best information. However, today much, if not most, of the extraterrestrial reality they examined is known by our citizens,” the e-mail states. “These organizations’ resultant strategies and policies of 50 years ago no longer hold credibility or benefit.” Mitchell says a well-informed public is important to further disclosure. 

Podesta’s secretary wrote Mitchell saying Mr. Podesta would rather meet alone before arranging a meeting with Obama. A Skype meeting was scheduled for Aug 11, but whether or not the meeting happened is unclear. Mitchell died in February 2016.

According to the leaks, former Blink 182 frontman Tom Delonge emailed John Podesta twice about extraterrestrial beings.

“Things are moving with the project. The novels, films and nonfiction works are blooming and finishing,” DeLonge said in an October 2015 email to Podesta. “I would like to bring two very ‘important’ people out to meet you in DC. I think you will find them very interesting, as they were principal leadership relating to our sensitive topic.” DeLonge emailed again later.

“When Roswell crashed, they shipped it to the laboratory at Wright Patterson Air Force Base. General McFasland was in charge of that exact laboratory up to a couple years ago,” DeLonge wrote. “He not only knows what I’m trying to achieve, he helped assemble my advisory team. He’s a very important man.”

Hacked reported in 2015 that DeLonge was working on various ET-related projects, and the former pop-punk superstar, whose 1999 album Enema of the State sold 15 million copies worldwide, has since released books and plans to release a documentary on extra terrestrials.

Featured image from Shutterstock.

Important: Never invest (trade with) money you can't afford to comfortably lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here. Trade recommendations and analysis are written by our analysts which might have different opinions. Read my 6 Golden Steps to Financial Freedom here. Best regards, Jonas Borchgrevink.

Rate this post:

Important for improving the service. Please add a comment in the comment field below explaining what you rated and why you gave it that rate. Failed Trade Recommendations should not be rated as that is considered a failure either way.
0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this.
Loading...

5 stars on average, based on 2 rated postsJustin O'Connell is the founder of financial technology focused CryptographicAsset.com. Justin organized the launch of the largest Bitcoin ATM hardware and software provider in the world at the historical Hotel del Coronado in southern California. His works appear in the U.S.'s third largest weekly, the San Diego Reader, VICE and elsewhere.




Feedback or Requests?

Continue Reading

Recent Posts

A part of CCN

Hacked.com is Neutral and Unbiased

Hacked.com and its team members have pledged to reject any form of advertisement or sponsorships from 3rd parties. We will always be neutral and we strive towards a fully unbiased view on all topics. Whenever an author has a conflicting interest, that should be clearly stated in the post itself with a disclaimer. If you suspect that one of our team members are biased, please notify me immediately at jonas.borchgrevink(at)hacked.com.

Trending