60% of enterprises relying on sysadmins to self-police SSH keys
Posted on 20 February 2014.
Enterprises tolerate security vulnerabilities by allowing open door, root-level access, according to a new Ponemon Institute report. 46% of the 1,854 respondents reported their servers and networks are left open and can be owned forever by attackers because they fail to rotate SSH keys. Not surprisingly, 51% of organizations reported already being breached by an attack using SSH.

This hole in enterprise security has not gone unnoticed. The recently uncovered Mask operation steals SSH keys to impersonate, surveil, collect, and decrypt its targets’ communications and data. If SSH keys are not replaced after intrusions like The Mask attacks, enterprise networks remain owned by the attackers.

The Ponemon research also found that 60% of organizations could not detect rogue SSH keys on their networks since system administrators self-police SSH keys using manual processes.

“Frequently, we look at a wide range of different IT security issues that impact global organizations. This study stands out as it reveals the damage that a single, unprotected SSH key can cause,” said Dr. Larry Ponemon, chairman and founder of Ponemon Institute. “Although SSH keys are an IT security technology, they are often left unchecked in the hands of a wide-range of administrators that are not, in theory or practice, IT security experts. This dirty little secret, revealed by the survey, is further evidence that root access to the world’s most sensitive data is widely available and largely unprotected, leaving many organizations open to perpetual cyberattacks and compromises.”

“CEOs, CIOs, CISOs and other IT security executives are tolerant to the point of insanity when it comes to controlling, protecting and detecting SSH, the most widely used security and authentication technology between administrators, servers, and clouds,” said Venafi CEO Jeff Hudson.

“This is a dangerous situation, akin to giving the foxes the keys to the hen houses. They have allowed SSH security to spin out of control, which in fact places their organizations in jeopardy. The total inability to respond to a breach by rotating all SSH keys means CISOs should be investing more in bulldozers for their data centers than firewalls,” Hudson added.





Spotlight

The security threat of unsanctioned file sharing

Posted on 31 October 2014.  |  Organisational leadership is failing to respond to the escalating risk of ungoverned file sharing practices among their employees, and employees routinely breach IT policies.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Oct 31st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //