Avoiding a Snowden-style Breach

Mitigate Attacks on Trust by Protecting Keys & Certificates

Analyst Coverage

“Cybercriminals are known to steal SSH keys or manipulate which keys are trusted to gain access to source code and other valuable intellectual property” Read More

“Advanced threat detection provides an important layer of protection but is not a substitute for securing keys and certificates that can provide an attacker trusted status that evades detection.” Read More

"Basically, the enterprise is a sitting duck."

"PKi is under attack...Advanced and persistent adversaries go for keys" Read More

"When there are many hundreds of certificates from a variety of certificate authorities, the only ecumenical [universal], nonproprietary provider of a certificate management solution is Venafi. Other CA management systems are biased toward the particular CA by, for example, only supporting renewals from that specific CA." Read More

"No CISO could consider having tens of thousands of unknown network ports open and have no way to control them. But that’s the alarming reality today with regards the trust established by keys and certificates..." Read More

"Organizations with roughly 200 or more documented X.509 certificates in use are high-risk candidates for unplanned expiry and having certificates that have been purchased but not deployed." Read More

"Technology critical to cloud computing is in clear and present danger...attacks on Secure Shell (SSH) keys present the most alarming threat arising from failure to control trust." Read More

“Certificates can no longer be blindly trusted” Read More

“Just because something is digitally signed doesn't mean it can be trusted.”

“Enterprise awareness of attacks on keys and certificates is in its infancy; most don’t understand how to detect or respond to an attack.” Read More

How the NSA Could Have Avoided the Edward Snowden Breach

Although organizations have increased their investments in security solutions, the cost of cybercrime has increased by 78% over the last four years. Never have organizations faced such a barrage of constant cyber-attacks. Cyber-criminals and nation-states are successfully syphoning off the intellectual property of the world’s businesses, governments and militaries. Despite the fact that companies will spend US$68.34 billion globally on cyber-security solutions this year, 95 percent of them have already been compromised.

Organizations need to protect themselves against not only external threats but also insider threats. For all the security technology investments the U.S. National Security Agency (NSA) makes, the agency did not detect or prevent Edward Snowden’s attack. Like many of the attackers responsible for cyber-threats, Snowden took advantage of the trust established by cryptographic keys and digital certificates, and used them to disguise his unauthorized activity, to elevate his privileges and to exfiltrate classified information. Exploiting the trust that keys and certificates establish provides malicious actors with a new way to infiltrate an organization’s network. Organizations, governments, and security solutions inherently trust keys and certificates; malicious actors understand this and use it to their advantage.

Learn more about how Edward Snowden compromised the NSA.


> Solution: Venafi Director Platform

The Immune System for the Internet