In my blog post about the Heartbleed hype, I stress that threats against keys and certificates neither started with the Heartbleed vulnerability, nor certainly will end with it. Threats specifically against keys and certificates go back to 2009 and 2010, where Stuxnet and Duqu provided the virtual blueprint to the cyber criminal communities around the world by using stolen certificates to make the malware infection payload look legitimate.
Attacks on the Certificate Authorities themselves accelerated in 2011, with well-known CAs such as Comodo and Digicert Malaysia suffering breaches. In September of 2011, with the breach of DigiNotar, some of its customers were left with no choice but to consider shutting down operations all together. By the end of 2011, there were 12 significant, publicly disclosed breaches of Certificate Authorities around the globe. It’s also worth mentioning that it was New Year’s Eve 2011 when Heartbleed was “born.”
In simple terms, Heartbleed is the result of a developer’s coding flaw. It’s a mistake that resulted in a massive 2+ year exposure. And no one knew it was happening. Vulnerabilities that expose keys and certificates occur frequently, although certainly not on as massive a scale as Heartbleed. Weak cryptography, along with weak processes and mistakes working with cryptography, are a daily occurrence.
In 2012, this burgeoning war on trust continued to evolve. To counteract the growing install base of advanced threat detection solutions in Global 2000 enterprises, we began to see a run on code signing certificates and widespread adoption of signing malware with certificates. Adobe announced that its code signing infrastructure had been compromised. Security vendors themselves were targeted, such as the case in which Bit9 had its secret code signing certificates stolen.
Bad actors of 2012 also realized they could subvert trust by obtaining and misusing Secure Shell (SSH) Keys on a wide scale. Various breaches and vulnerabilities, which ultimately exposed SSH Keys, were reported, most notably at GitHub and FreeBSD. Exposures involving SSH Keys are even more nebulous in some regards in that enterprises have much less visibility into or control of them. Moreover, unlike a digital certificate with a validity period shelf-life, which will eventually expire, SSH Keys have no such expiration date.
If 2012 was the year that attacks against trust learned to walk, then 2013 was the year they learned to drive….and drive fast. New attack schemes against TLS/SSL, such as Lucky 13, BEAST, CRIME, BREACH, and more, emerged, allowing for attackers to exfiltrate sensitive data from encrypted pages. Edward Snowden went from being an obscure, soft-spoken NSA contractor living in Hawaii to becoming a household name after stealing thousands of classified NSA files—all made possible by subverting the trust and access security provided SSH keys and digital certificates. The year 2013 also marked the first time we began to see a significant percentage increase in Android malware enabled by digital certificates (24% of all Android malware as of October 2013, up from 6.6% in 2012 and 2.9% in 2011).
Here in 2014, attacks on trust have graduated from college and are here to stay. Highly complex Advanced Persistent Threats exist with the main objective of stealing legitimate corporate keys and certificates of all types. Have a look at the breakdown of “El Careto” (or “The Mask”), which was discovered by Kaspersky in February after 7+ years undetected in the wild. Careto, which looks like a state-sponsored campaign due its complexity and professionalism, gathers sensitive data from infected systems, largely including VPN configurations, SSH Keys, and RDP files.
We’ve also seen substantive evidence of forged certificates being used to decrypt and monitor traffic as well as steal credentials and sensitive data. In a recent study by Facebook and Carnegie Mellon researchers, over 6,800 connections to Facebook used forged certificates.
Then over the past few weeks, evidence emerged around “ZBerp,” which is a hybrid Trojan “love child” of Zeus and Carberp and uses SSL to secure communications with command and control to evade detection by today’s most popular network security products.
From the accidental introduction of vulnerabilities, like Heartbleed, to advanced, persistent, professional efforts to both circumvent and misuse keys and certificates, the risk to these cryptographic assets is evolving and advancing. These threats undermine the trust we inherently place in keys and certificates to authenticate people and machines and encrypt data we intend to safeguard and keep private. PKI is under attack. Securing, protecting, and controlling enterprise keys and certificates is no longer simply a nice operational benefit. It’s a must have to defend the veracity of your entire business and brand.