Poorly managed SSH keys pose serious risks for most companies
http://pixel.quantserve.com/pixel/p-89EKCgBk8MZdE.gif
Computerworld – Many companies are dangerously exposed to threats like the recently revealed Mask Advanced Persistent Threat because they
don’t properly manage the Secure Shell (SSH) cryptographic keys used to authenticate access to critical internal systems and
services.
A Ponemon Institute survey of more than 2,100 systems administrators at Global 2000 companies discovered that three out of
four enterprises are vulnerable to root-level attacks against their systems because of their failure to secure SSH keys.
Even though more than half of the surveyed enterprises had suffered SSH-key related compromises, 53% said they still had no
centralized control over the keys and 60% said they had no way to detect new keys introduced in the organizations. About 46%
said they never change or rotate SSH keys — even though the keys never expire.
Those findings reveal a significant gap in enterprise security controls, said Larry Ponemon, founder and CEO of the Ponemon
Institute. “It’s hard to believe that companies allow themselves to be so insecure,” he said. “This doesn’t appear to be a
situation where this vulnerability has to even be a vulnerability.”
SSH keys allow administrators to remotely login to and operate a system via a secure encrypted tunnel. Administrators use
such keys to authenticate access to critical database systems, application servers, cloud systems and security systems. SSH
keys are also used to authenticate machines running automated processes and services and to protect data in transit.
SSH keys never expire, meaning that once a key is used to authenticate access to a system, the same key can be used in perpetuity
unless it is changed. A hacker who acquires an unsecured SSH key can use it to gain access to the server or service to which
it is attached and then use that access to try and find more keys for jumping on to other systems in a network.
Because SSH keys provide administrator-level, fully encrypted access to enterprise systems, any compromise of the keys could
allow an attacker to gain complete control of a system while they remain hidden from view.
SSH uses an encryption key pair to enable a secure connection between two systems. One key is for the server and the other
for the client device that wants access to the server. An organization might have numerous SSH keys with access to a single
server.
Large enterprises can have tens of thousands of SSH keys on their network — most of which are poorly managed, said Kevin
Bocek, vice president of product marketing and threat research at security vendor Venafi, which commissioned the Ponemon survey.
Companies often have little knowledge about the presence of such keys on their networks and therefore do little to manage
them.
“SSH is really critical as a root-level access [tool],” Bocek said. “It is an encrypted channel that goes around traditional
host protections.”
By stealing SSH keys, attackers like those behind The Mask APT can impersonate admins, snoop around and take complete control
of a target’s network without being detected, he said. There are signs that National Security Agency contractor Edward Snowden
might have used SSH keys or a similar digital certificate to access and steal documents without being detected, he said.
Read more about Poorly managed SSH keys pose serious risks for most companies and other interesting subjects concerning NSA at TheDailyNewsReport.com
