Important Security News Flash Regarding SSH Vulnerabilities


(ISC)2-Logo

The SSH protocol that is embedded on Unix, Linux, Mainframe, and Windows 16 Servers – in additional to Switches, Routers, IOT devices, etc. can be compromised by bad actors with access to keys. This is also true for anyone deploying applications in the cloud.

The SSH protocol creates an encrypted tunnel providing users with root level access. In the wrong hands, misuse of the SSH protocol have led to disastrous consequences. Here is why:

Encrypted SSH traffic cannot be monitored by existing tools. DLP, SIEM’s, Firewall’s etc. do not work
SSH Key’s don’t expire – a key created 20 years ago still works today.
SSH Keys are often copied and shared, creating a challenges to tie back who did what and when
SSH Tunneling (just what the name implies) facilitates a security loophole
Bad actors operating within this security blind spot can bypass security controls, install software, transfer data, and delete their activity.

Recommended Course of Action

Review and apply the NIST 79666 white paper recommended guidelines to prevent security breaches.

FURTHER READING

Stay on top of vulnerabilities with (ISC)2’s members-only resource for researching and tracking vulnerabilities and mitigating risks – Vulnerability Central.

Create your customized dashboard today.

By Thomas MacIsaac, Vice President, Eastern US and Canada, SSH Communications Security

[(ISC)² Blog]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.