House Dem lashes out at company behind flawed government software

House Dem lashes out at company behind flawed government software
© Cameron Lancaster

A tech-focused House member on Wednesday went after the company behind vulnerable software that many believe left government secrets exposed to foreign spies.

Rep. Ted Lieu (D-Calif.) lashed out during a House hearing exploring whether any government data was stolen as a result of the flaw in a software made by Juniper Networks.

ADVERTISEMENT

Lieu was incensed that Juniper, which makes a variety of IT products widely used in government, was not testifying.

“I find it disrespectful that they did not come here to testify,” Lieu said at the House Subcommittee on Information Technology hearing. “It insinuates they have something to hide.”

Juniper’s software vulnerability was spotted in December, when the company acknowledged it had found unauthorized code in its ScreenOS product. Security experts said the code had been intentionally altered, and Juniper said the change could have let hackers infiltrate networks and decrypt traffic.

As ScreenOS had been widely deployed across federal agencies for years, many feared foreign governments had long been exploiting the defect to snoop on U.S. officials.

One U.S. official told CNN the situation was akin to “stealing a master key to get into any government building.”

At Wednesday’s hearing, Lieu took issue with what he thought was lenient treatment of Juniper, which several people described as a “victim” of the cyberattack that altered its software code.

“Juniper is not the victim in this case,” Lieu said. “The U.S. government and the American people are.”

Lieu, who holds a bachelor’s degree in computer science, said companies that manufacture products to protect government information should be held more accountable.

“They failed,” Lieu insisted. “I just think we need to put this in the prosper prospective.”

At the hearing, the Treasury Department’s chief information officer maintained no data was stolen via the Juniper software flaw.

But lawmakers remained skeptical.

“How would you know if something was taken or not?” asked Rep. Will Hurd (R-Texas), who chairs the subpanel that held the hearing.