Secure Shell (SSH) is a network protocol that establishes a cryptographically secure connection between two parties. As such, it plays a crucial role in protecting information those parties exchange. But the network protocol isn't foolproof. If organizations mismanage their SSH keys, they could expose themselves to significant digital security risks. That's especially the case if they have lots of untracked persistent SSH trust relationships in their encryption environments.
Here are four big risks of weak SSH key management that your organization should have on its radar.
Bad actors could abuse unprotected SSH keys to gain unauthorized access to privileged accounts. For instance, if an organization keeps default SSH configurations, that means users can manage their own authorized SSH keys. An attacker could exploit this setting by compromising a privileged user and setting up a backdoor key. Alternatively, they could leverage poorly protected private keys to gain illegitimate access to sensitive business accounts. Both external actors and malicious insiders could accomplish these methods of intrusion. In addition, if the organization doesn't properly monitor its SSH keys, terminated employees could retain access to sensitive business information long after they walk out the door.
"Pivoting" in this sense refers to computer criminals' ability to jump from system to system. Unfortunately, attackers could easily pivot on an organization's network by abusing persistent SSH trust relationships to their advantage. That's especially the case if administrators don't review those keys often or maintain strong oversight over them.
Circumvent Security Controls
While they're busy pivoting, attackers could come across firewalls and other security technologies designed to block malicious network activity. Unfortunately, if companies don't properly control their SSH environment, they could potentially bypass these safeguards by configuring SSH for port forwarding. Doing so would allow the attackers to communicate with other systems that leverage authorized connections via firewalls and thereby find an alternate yet nonetheless "approved" route through the network.
Unauthorized Use of SSH Server
Organizations need to be careful when activating an SSH server, as these types of assets enable remote login. Attackers could abuse this facet in a poorly controlled SSH environment using free implementations like OpenSSH to surreptitiously enable SSH on critical assets. With SSH set up, attackers could then gain remote access to an asset and thereafter do whatever they want with it.
The Importance of SSH Controls
To defend against the threats described above, it's imperative that organizations properly manage and configure their SSH environments. A follow-up blog post will delve deeper into that topic. For now, you can learn more about SSH key management here.