Cisco Reviews Code After Juniper Backdoor Revelation

Cisco is to check all of its products for any unauthorised code following the discovery of a backdoor in Juniper Networks’ NetScreen firewalls last week.

The San Jose-based firm says it has a strict ‘no backdoor policy’ in place and is adamant that its development process makes it difficult for malicious code or security bypasses to be introduced. It adds it has seen no evidence to suggest these safeguards have been breached.

However following the Juniper revelation last week, Cisco feels it needs to reassure customers who might be concerned about its equipment.

Cisco review

“We have seen none of the indicators discussed in Juniper’s disclosure,” said Anthony Grieco, senior director of Cisco’s Security and Trust organisation. “Our products are the result of rigorous development practices that place security and trust at the fore. They also receive continuous scrutiny from Cisco engineers, our customers, and third party security researchers, contributing to product integrity and assurance.

“Although our normal practices should detect unauthorised software, we recognize that no process can eliminate all risk. Our additional review includes penetration testing and code reviews by engineers with deep networking and cryptography experience.

“Cisco launched the review because the trust of our customers is paramount. We have not been contacted by law enforcement about Juniper’s bulletin, and our review is not in response to any outside request. We are doing this because it’s the right thing to do.”

Grieco added that any findings would be made public in accordance with its security vulnerability policy and encouraged any customers or researchers to report any suspected issues.

The backdoor in Juniper’s code was uncovered during an internal review and could allow a “knowledgeable attacker” to gain admin access to NetScreen devices and decrypt VPN connections. It has recommended all customers update their systems, but it is still unclear who implemented the code in the first place.

Do you know the secrets of Cisco? Take our quiz!

Steve McCaskill

Steve McCaskill is editor of TechWeekEurope and ChannelBiz. He joined as a reporter in 2011 and covers all areas of IT, with a particular interest in telecommunications, mobile and networking, along with sports technology.

Recent Posts

Google Warns Of Italian Spyware On Apple, Android Phones

Italian company's hacking tools have been used to spy on Apple, Android smartphones in Italy…

2 days ago

Intel Signals Delay To Ohio Factory Over US Chips Act Dispute

Chip maker warns new factory in Columbus, Ohio could be delayed or scaled back, over…

2 days ago

Silicon UK In Focus Podcast: Sustainable Business

How do sustainable businesses use technology to innovate? And as businesses want to connect sustainability…

2 days ago

Australia Fines Samsung Over Water-Resistance Claims

Samsung rapped over the knuckles by Australian regulator because of 'misleading' Galaxy smartphone water-resistance claims…

3 days ago

Amazon Reveals Alexa Option To Mimic Any Person’s Voice

Bereavement aid for those in mourning? Amazon's Alexa voice assistant could be programmed to sound…

3 days ago