Cisco Reviews Code After Juniper Backdoor Revelation

Cisco is to check all of its products for any unauthorised code following the discovery of a backdoor in Juniper Networks’ NetScreen firewalls last week.

The San Jose-based firm says it has a strict ‘no backdoor policy’ in place and is adamant that its development process makes it difficult for malicious code or security bypasses to be introduced. It adds it has seen no evidence to suggest these safeguards have been breached.

However following the Juniper revelation last week, Cisco feels it needs to reassure customers who might be concerned about its equipment.

Cisco review

“We have seen none of the indicators discussed in Juniper’s disclosure,” said Anthony Grieco, senior director of Cisco’s Security and Trust organisation. “Our products are the result of rigorous development practices that place security and trust at the fore. They also receive continuous scrutiny from Cisco engineers, our customers, and third party security researchers, contributing to product integrity and assurance.

“Although our normal practices should detect unauthorised software, we recognize that no process can eliminate all risk. Our additional review includes penetration testing and code reviews by engineers with deep networking and cryptography experience.

“Cisco launched the review because the trust of our customers is paramount. We have not been contacted by law enforcement about Juniper’s bulletin, and our review is not in response to any outside request. We are doing this because it’s the right thing to do.”

Grieco added that any findings would be made public in accordance with its security vulnerability policy and encouraged any customers or researchers to report any suspected issues.

The backdoor in Juniper’s code was uncovered during an internal review and could allow a “knowledgeable attacker” to gain admin access to NetScreen devices and decrypt VPN connections. It has recommended all customers update their systems, but it is still unclear who implemented the code in the first place.

Do you know the secrets of Cisco? Take our quiz!

Steve McCaskill

Steve McCaskill is editor of TechWeekEurope and ChannelBiz. He joined as a reporter in 2011 and covers all areas of IT, with a particular interest in telecommunications, mobile and networking, along with sports technology.

Recent Posts

CMA Secures Google Commitment To Tackle Fake Reviews

British competition watchdog secures undertaking from Google to tackle fake reviews, as Amazon probe continues

20 mins ago

Trump Signs AI ‘Free From Idealogical Bias’ Executive Order

After earlier revoking Biden's AI safety executive order, President Trump signs new executive order to…

2 hours ago

OpenAI’s ‘Operator’ Agent Automates Online Tasks

OpenAI launches AI agent called 'Operator' to automatically fill out forms, make restaurant reservations, book…

21 hours ago

Pakistan’s Parliament Passes Bill For Strict Control On Social Media

Bill passed to give Pakistani government sweeping controls on social media, but critics argue it…

22 hours ago

Indian Tribunal Suspends Meta’s Data Sharing Ban

After Meta had warned that India's data sharing ban could collapse WhatsApp's business model, tribunal…

1 day ago

UK’s CMA Begins Probe Into Apple, Google Mobile Ecosystems

British regulator confirms investigation of Apple and Google's domination of app stores, operating systems, and…

1 day ago