Unlike before, when trust could be measured in terms of locks, safes and video cameras, trust today is established in such security technologies within the enterprise network that can’t be seen, only managed. As organizations adopt cloud computing and employee-owned devices have increased access to the corporate networks and sensitive information, the challenge of securing company data everywhere increases exponentially. Cryptographic keys and digital certificates establish trust in the enterprise, ensuring that corporate data remains secure whether accessed by the employee in the cube on the second floor or by an executive in a hotel room in Singapore.
The attack vehicle
When it comes to Advanced Persistent Threats (APTs), bad actors will take advantage of the trust gap - using any and every exploit that they can leverage to steal your organization’s data. They will look for the weakest link in your security systems and find the path of least resistance. Over the past several years, criminal organizations and individual bad actors have found that by taking advantage of poor key and certificate management practices that they can breach trust to infect systems with information-siphoning malware and in some cases even implant weaponized code that can inflict physical damage on facilities.
All you have to do is look back at the past few years to realize the impact trust-based attacks have had on organizations. Organized groups have been using encryption keys and digital certificates to steal information for years, as they serve as perfect vehicles for sliding past defensive systems. Case in point: Stuxnet and Flame. These two well-known examples of malware took advantage of stolen and weak certificates. Why did the actors choose this method? Compromised certificates authenticated the malware on the network making it appear as if it was legitimate code. As a result, the infected operating systems allowed the installation of the malware without any warning.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.