I couldn’t tweet a better description than the headline for this piece: After SolarWinds breach, lawmakers ask NSA for help in cracking Juniper cold case. https://www.cyberscoop.com/nsa-juniper-backdoor-wyden-espionage/

For those who haven’t heard this story, the context here is back in 2015 hackers broke into the source code repository of Juniper’s NetScreen firewalls and introduced serious vulnerabilities. 1/

Everyone has heard of the SolarWinds supply chain attack, but almost nobody outside our little community remembers Juniper. We don’t even know who the ultimate victim was. And there’s a reason for that. 2/

The reason is simple: following the Juniper hack, the FBI and Juniper put a tight lid on everything. Nobody, including members of Congress, were able to get straight answers about who did it or what the target was. So it vanished from our collective memory. 3/

This has real consequences. To some extent our lack of preparedness for SolarWinds is a direct result of our government’s decision to pretend that the previous major supply-chain attacks didn’t happen. 4/

Why has the Juniper attack been buried by secrecy? There are two possible answers. One has to do with the nature of the hack, which very likely repurposed an existing backdoor in NetScreen firewalls. The other has to do with the ultimate target. 5/

Regarding the first, we know that Juniper included a *likely* crypto backdoor based on an NSA algorithm called Dual_EC_DRBG even before the hack. We also know that the attackers repurposed that code to use new public keys of their choosing. This is very embarrassing. 6/