Press Releases

Today, Congresswoman Suzan DelBene (WA-01) asked Juniper Networks in a letter to explain how an NSA-designed algorithm, which leading cybersecurity experts believe contains an encryption backdoor, appeared in its products and how the key to this backdoor was later changed by unknown parties.

Juniper first revealed a security breach in late 2015 where an unauthorized code was added to its products. Cybersecurity experts subsequently determined that Juniper had added the NSA-designed algorithm to its products as far back as 2008 and that the breach that Juniper revealed in 2015 involved an unknown entity changing the key to the existing backdoor. According to the experts, this backdoor could be exploited by sophisticated adversaries to decipher encrypted data transmitted between Juniper-manufactured equipment, which is widely used by the U.S. government and private sector. However, despite promising a full investigation, Juniper has never publicly accounted for the incident.

The letter is co-signed by Oregon Senator Ron Wyden, Utah Senator Mike Lee, New Jersey Senator Cory Booker, House Judiciary Committee Chairman Jerrold Nadler (NY-10), House Homeland Security Committee Chairman Bennie Thompson (MS-02), and Representatives Ted Lieu (CA-33), Zoe Lofgren (CA-19), Pramila Jayapal (WA-07), Tom Malinowski (NJ-07), Anna Eshoo (CA-18), Bill Foster (IL-11), Ro Khanna (CA-17), Kathleen Rice (NY-04), Yvette Clarke (NY-09), and Cedric Richmond (LA-02).

“It has now been over four years since Juniper announced it was conducting an investigation, but your company has still not revealed what, if anything, it uncovered. The American people — and the companies and U.S. government agencies that trusted Juniper’s products with their sensitive data — still have no information about why Juniper quietly added an NSA-designed, likely-backdoored encryption algorithm, or how, years later, the keys to that probable backdoor were changed by an unknown entity, likely to the detriment of U.S. national security,” the lawmakers wrote in the letter.

The letter comes amid Attorney General William Barr’s efforts to pressure technology companies to weaken their encryption and assist government surveillance. 

“Juniper’s experiences can provide a valuable case study about the dangers of backdoors, as well as the apparent ease with which government backdoors can be covertly subverted by a sophisticated actor,” the letter continues.

The lawmakers asked Juniper to answer a list of detailed questions by July 10. A copy of the letter is available here.