Secure Shell (SSH) keys provide administrators the highest levels of administrative access in financial services organizations. However, these powerful assets are routinely untracked, unmanaged and poorly secured. Unfortunately, this makes SSH keys popular targets for cyber criminals.
“Cyber criminals can leverage compromised SSH keys to gain elevated access to servers and perform nefarious activities, all while remaining undetected,” said Nick Hunter, senior technical manager for Venafi. “In addition, bad actors know that a single SSH key will often be copied across hundreds or thousands of systems.”
Threats that leverage SSH privileged access are especially serious in the financial service sector, where malicious actors can literally access lucrative assets and private information.
Venafi recently conducted a study that evaluated how financial service organizations manage and implement SSH in their environments. With participation from 100 IT security professionals from the finance sector, the study reveals a widespread lack of SSH security controls.
For example, 69% of the respondents admit they do not actively rotate keys, even when an administrator leaves their organization, which can allow the former employees to have ongoing, privileged access to critical systems.
Additional highlights from the study:
The financial service sector faces unique and sophisticated cyber security threats. This disregard for SSH security can have profound and devastating consequences on customer privacy and security risk.
Nick concluded: “Cyber criminals can use compromised keys to move throughout a financial services organization, creating additional backdoors and setting up beachheads for their operations.”
Is your financial services organization protecting its SSH keys?