Cisco, Huawei and Juniper play down NSA attack reports
25 August 2016 | Alan Burkitt-Gray
Cisco, Huawei and Juniper have played down reports that the US National Security Agency (NSA) has developed tools to spy on traffic running through their equipment.
Juniper and Cisco admitted that there were vulnerabilities, that have now been addressed. Huawei did not go so far, but said the company was making “significant investments” in security.
The reports emerged after a group called Shadow Brokers released files that seemed to show the NSA was targeting not only US companies such as Cisco and Juniper but also Chinese vendor Huawei.
A Huawei spokesperson said: “We do view this as a bit of an old story”, but gave an official statement: “Huawei is aware of allegations of past government attempts to exploit commercial networking gear. We know that networks and related ICT product are under regular and widespread attack and we make significant investments in innovative technologies, processes and security assurance procedures to better secure them, as well as the networks and data of our customers.
“Huawei believes it’s very important for industry and governments to work together to encourage better network and data security and to build trust in the digital world, by collaborating in the development of agreed standards and best practices for the industry.”
Cisco said it had taken action following the Shadow Brokers release. A spokesperson said: “Cisco puts the security of our customers first. When we have a vulnerability in our products, we issue a security advisory to make sure our customers know what it is and how to fix it.”
The company “immediately conducted a thorough investigation of the files released by the Shadow Brokers”, said the spokesperson, and has identified two vulnerabilities affecting Cisco ASA devices that require customer attention.
The spokesperson added: “On August 17, 2016 we issued two security advisories, which deliver free software updates and workarounds where possible.”
Juniper Networks said it “is investigating the recent release of files reported to have been taken from the so-called Equation Group”.
The company said: “This is the first time possible examples of those tools have been available for inspection. As part of our analysis of these files, we identified an attack against NetScreen devices running ScreenOS.
“We are examining the extent of the attack, but initial analysis indicates it targets the boot loader and does not exploit a vulnerability on ScreenOS devices. We will continue to evaluate exactly what level of access is necessary in order to execute the attack, whether it is possible to detect the attack, and if other devices are susceptible.”
Juniper said it would say more “when more detailed information is known about this issue”, either via its blog or in a security advisory.