House Dem lashes out at company behind flawed government software

April 28, 2016
In The News

By CORY BENNETT

The Hill

A tech-focused House member on Wednesday went after the company behind vulnerable software that many believe left government secrets exposed to foreign spies. Rep. Ted Lieu (D-Calif.) lashed out during a House hearing exploring whether any government data was stolen as a result of the flaw in a software made by Juniper Networks.

Lieu was incensed that Juniper, which makes a variety of IT products widely used in government, was not testifying. “I find it disrespectful that they did not come here to testify,” Lieu said at the House Subcommittee on Information Technology hearing. “It insinuates they have something to hide.”

Juniper’s software vulnerability was spotted in December, when the company acknowledged it had found unauthorized code in its ScreenOS product. Security experts said the code had been intentionally altered, and Juniper said the change could have let hackers infiltrate networks and decrypt traffic. As ScreenOS had been widely deployed across federal agencies for years, many feared foreign governments had long been exploiting the defect to snoop on U.S. officials.

One U.S. official told CNN the situation was akin to “stealing a master key to get into any government building.”

At Wednesday’s hearing, Lieu took issue with what he thought was lenient treatment of Juniper, which several people described as a “victim” of the cyberattack that altered its software code. “Juniper is not the victim in this case,” Lieu said. “The U.S. government and the American people are.”

Lieu, who holds a bachelor’s degree in computer science, said companies that manufacture products to protect government information should be held more accountable. “They failed,” Lieu insisted. “I just think we need to put this in the prosper prospective.”