While studying for my CISSP I found it incredibly helpful to read the latest hacker news and security compromises in the world, and relate it directly to my CISSP studies.
When Target had a breach, the company announced they would create a CIO position. Why? I went to the Information Security and Risk Governance chapter, and read up on information security governance structures to find out. More specifically, the role of a CIO.
When the Heartbleed bug was discovered, I went to the Telecommunications and Network Security chapter and read up on SSL and TLS.
If you are studying for the CISSP, the Juniper Vulnerability is another event in the news that could aid you in getting a better understanding of encryption, decryption, VPNs, and how it effects information security professionals in the
Juniper VPN Bug
Juniper recently came out and stated that they discovered a VPN bug in their firewalls that could give an attacker the ability to DECRYPT VPN TRAFFIC.
This is a big deal. It threatens the very cornerstone of our confidentiality on the Internet. E-commerce could not exist without confidentiality.
In addition to a VPN bug, Juniper has also disclosed the existence of another backdoor, which allows anyone with the now public password to SSH into a vulnerable firewall.
Here’s the kicker, these two vulnerabilities are not accidental!
The VPN bug is said to have been put in by the NSA. Then another party, maybe a state-sponsored foreign entity, used the VPN bug in order to create their OWN backdoor!
Who knew that spycraft and espionage would ever get so technical?!
What It Means for Security Professionals
You are a security engineer for a managed security services firm.
You deploy encryption technology like VPNs in order to provide confidentiality of your customer’s data from outside hackers.
Think about it…how are you going to explain your ability to protect data from disclosure to customers, when your own government has circumvention measures in place to the same encryption technology that can decrypt the traffic?
How can you explain to customers that all their firewalls come with a standard NSA backdoor that they shouldn’t worry about?
Then try to further explain how the NSA backdoor, allowed agents from a foreign government to install their own backdoor?
At this time, the least we can do is install the latest patch released by Juniper.
Vulnerable Juniper Firewalls
ScreenOS 6.2.0r15 through 6.2.0r18
6.3.0r12 through 6.3.0r20