The government is investigating unauthorized code that was inserted into the software for Sunnyvale-based multinational corporation Juniper's networking technology.
Experts warn that the code could have been inserted as a kind of back door, used by hackers or officials to spy on customers using the networking technology. Officials in the United States are investigating as to whether or not the code could have been inserted by a foreign government to tap into U.S. government communications.
Some have also speculated that Juniper could have been working with the U.S. government to have the code inserted. The National Security Agency, for example, has been known to use back doors to spy on citizens. Not only that, but it was revealed in 2013 that the NSA had created malware called "FEEDTROUGH" that targeted Juniper firewalls.
Juniper, however, has denied that it has ever worked with any governments to install back doors into its systems. It has also deployed updates to its software that patch any vulnerabilities since they were discovered.
"[W]e strongly recommend that customers update their systems and apply the patched releases with the highest priority," said Juniper in a statement.
The code itself was inserted into the screenOS software that runs on Juniper's products.
Juniper has also said that it found a second security issue upon reviewing its screenOS software. This vulnerability would allow an attacker to monitor and decrypt VPN traffic. It also said it hasn't discovered that these issues have been exploited.
The news highlights a year of several high profile network breaches, including breaches at the White House and at the Office of Personal Management.
"This shines a light on the fact that kind of attack is something intelligence agencies are probably doing," said Chris Wysopal, chief technology officer at Veracode, in an interview.