Cisco launches code review after Juniper's spyware disclosure

No unauthorised code has been found yet but the review continues

Cisco Systems has launched an internal code review following Juniper's disclosure last week of unauthorised spying code found in its enterprise firewall products.

So far, "we have no indication of unauthorised code in our products," wrote Anthony Grieco, senior director of Cisco's Security and Trust Organisation, in a blog post Monday.

The code review was initiated by Cisco and not the result of contact by law enforcement, Grieco wrote.

Juniper said on Thursday an internal audit uncovered code that could allow secret remote access and also compromise encrypted VPN connections. The code was found in some versions of an operating system called ScreenOS that powers firewall devices.

Juniper is investigating but has not commented so far on how it suspects the code was inserted. The company's forthright admission has been met with praise but with hopes more details are released.

Juniper's problem is the latest in a string of issues that have affected major networking vendors, whose routers and firewalls have deep access to an organisation's Internet traffic. The devices are pivotal points to launch spying campaigns.

Documents leaked by former NSA contractor Edward Snowden in 2013 showed how Western intelligence agencies have sought to compromise equipment made by Juniper, Huawei and Cisco.

Grieco wrote that Cisco's development practices prohibit the insertion of "backdoors" in its products. Backdoors allow covert access, such as undocumented account credentials, covert communication channels or undocumented traffic diversion tools.

No indicators similar to those discovered by Juniper have been found in Cisco's code, Grieco wrote. Cisco's processes include penetration testing and code reviews by networking and cryptography engineers, he wrote.

"Although our normal practices should detect unauthorized software, we recognise that no process can eliminate all risk," Grieco wrote.

Since the Snowden documents became public, Cisco has put significant effort into debunking suspicions that it willingly worked with spy agencies such as the NSA.

In May 2014, Cisco's then-CEO John Chambers sent a letter to President Obama in May 2014, warning that spying operations that interfered with its equipment "undermine confidence in our industry."

Huawei has been shut out of major business in countries such as the US and Australia over unfounded beliefs it works with Chinese intelligence agencies.

Join the Good Gear Guide newsletter!

Error: Please check your email address.

Tags ciscojuniper networks

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Jeremy Kirk

IDG News Service
Show Comments

Most Popular Reviews

Latest News Articles


GGG Evaluation Team

Kathy Cassidy


First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni


For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell


The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi


The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott


My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?