14 DAY TRIAL // Venafi and the Ponemon Institute have released the results of a new study on SSH security vulnerabilities. It turns out that three quarters of enterprises have no security controls for SSH that can be leveraged by an attacker to gain root access.
51% of the 2,136 respondents from Global 2000 enterprises in Germany, Australia, the US, and the UK admit to having suffered at least one SSH key-related compromise in the last two years.
Worryingly, 60% of organizations still rely on administrators to manually track each new SSH key that’s added to the network. Furthermore, 68% don’t have an automated process in place for SSH key enforcement policy.
Hackers can easily gain root access to the systems of many organizations, because 74% of them allow administrators to independently manage and control the keys.
The study shows that it’s not very efficient to use home-grown scripted solutions for detecting new SSH keys. Over half of those that relied on such solutions still ended up with rogue keys on their networks.
When it comes to the cloud, 76% of enterprises have no systems in place to secure SSH.
“By using a stolen SSH key, an adversary can gain rogue root access to enterprise networks and bypass all the security controls. Because organizations have no policies, visibility into SSH vulnerabilities, or ability to respond to an SSH-related attack, cyber-criminals are turning to SSH as an attack vector at an ever-increasing rate,” reads the report.
“Every organization needs to stop viewing SSH keys and the management thereof as an operational matter that can be resolved with a few simple discovery scripts or relying on individual application administrators to self-govern.”
The complete report on SSH security vulnerabilities is available on Venafi’s website.