New Research Reveals Most Enterprises Leaving Door Open to Rogue, Root-Level Access and Cyberattacks
Salt Lake City, UT
February 19, 2014
Ponemon Institute Finds 3 out of 4 Organizations Have No Security Controls for SSH
Venafi, the leading provider of Next-Generation Trust Protection, today announced Ponemon Institute research which reveals enterprises tolerate security vulnerabilities by allowing open door, root-level access in the 2014 SSH Security Vulnerability Report. Underwritten by Venafi, the report exposes how cybercriminals are exploiting the lack of visibility and control over SSH keys used to authenticate administrators, servers, and clouds. 46% of the 1,854 respondents reported their servers and networks are left open and can be owned forever by attackers because they fail to rotate SSH keys. Not surprisingly, 51% of organizations reported already being breached by an attack using SSH.
This hole in enterprise security has not gone unnoticed. The recently uncovered Mask operation steals SSH keys to impersonate, surveil, collect, and decrypt its targets’ communications and data (analysis and recommendation for those breached available here). If SSH keys are not replaced after intrusions like The Mask attacks, enterprise networks remain owned by the attackers. The Ponemon research also found that 60% of organizations could not detect rogue SSH keys on their networks since system administrators self-police SSH keys using manual processes.
Tweet this: 2014 #Ponemon #SSH Vulnerability Report finds 74% leave open root-level access without systems to protect SSH keys
Secure Shell (SSH) is the fundamental security system enterprises rely on to connect system administrators and automated processes to services, appliances, and cloud services over an authenticated, encryption channel. Payment servers, healthcare databases, cloud platforms, and even air traffic control systems are accessed and controlled by administrators via SSH keys. Because SSH keys never expire, cybercriminals and insiders alike gain almost permanent ownership of systems and networks by stealing SSH keys. Data loss prevention, advanced threat detection solutions and next-generation firewalls cannot examine SSH encrypted traffic, which allows adversaries to steal information over extended periods without detection.
Tweet this: 2014 #Ponemon #SSH Vulnerability Report finds 46% of networks can be permanently owned by stealing SSH keys
“Frequently, we look at a wide range of different IT security issues that impact global organizations. This study stands out as it reveals the damage that a single, unprotected SSH key can cause,” said Dr. Larry Ponemon, chairman and founder of Ponemon Institute. “Although SSH keys are an IT security technology, they are often left unchecked in the hands of a wide-range of administrators that are not, in theory or practice, IT security experts. This dirty little secret, revealed by the survey, is further evidence that root access to the world’s most sensitive data is widely available and largely unprotected, leaving many organizations open to perpetual cyberattacks and compromises.”
Tweet this: @Venafi urges #TheMask breached to replace #SSH keys or bulldoze the data center to clean up
“CEOs, CIOs, CISOs and other IT security executives are tolerant to the point of insanity when it comes to controlling, protecting and detecting SSH, the most widely used security and authentication technology between administrators, servers, and clouds,” said Venafi CEO Jeff Hudson. “This is a dangerous situation, akin to giving the foxes the keys to the hen houses. They have allowed SSH security to spin out of control, which in fact places their organizations in jeopardy. The total inability to respond to a breach by rotating all SSH keys means CISOs should be investing more in bulldozers for their data centers than firewalls.”
Tweet this: #Infographic: @Venafi finds insanity in action with 60% of enterprises relying on sysadmins to self-police #SSH keys
Download the full Ponemon 2014 SSH Security Vulnerability Report
Download the Information Security’s Dirty Little Secret infographic
This report includes a survey of 1,854 respondents from Global 2000 enterprises in four countries: Australia, Germany, the U.K. and the U.S. More than 50 percent of respondents are employed in companies with 1,000 to 10,000 employees.
To get the latest news and information about Venafi: