Risk
7/3/2012
11:16 AM
Connect Directly
RSS
E-Mail
50%
50%

Flame Killing: Free Tool Spots Vulnerable Digital Certificates

One-quarter of enterprises still use insecure MD5 cryptographic hash function to sign their digital certificates, putting corporate secrets at risk.

How vulnerable are businesses to Flame-style malware?

That malicious application was able to spoof a legitimate, Microsoft-signed digital certificate, which the malware used to install entire copies of itself on targeted computers. The malware's authors accomplished that feat by first cracking a Microsoft digital certificate, created using the MD5 cryptographic hash function, to essentially give themselves a Microsoft Windows "god mode."

"Microsoft was using the certificate in three places: Windows Update server, for licensing, and for code-signing," said Jeff Hudson, CEO of enterprise key and certificate management company Venafi. "This allowed the attacker to use an MD5 collision attack to create what some in the press have called a digital certificate 'evil twin.'"

[ Read about financial malware that attempted to collect information on readers, possibly to target their bank accounts: Banking Trojan Harvests Newspaper Readers' Credentials. ]

But the problem wasn't with MD5, per se, which researchers first cracked in 2008 using 2,000 Sony PlayStation 3s, and which was then cracked in 2010 by German researcher Thomas Roth using on-demand computing power from Amazon Elastic Compute Cloud (EC2). Rather, the problem was with Microsoft, which in 2008 via its TechNet site began urging MD5 users to instead adopt the more secure SHA1 encryption algorithm.

In other words, Microsoft failed to heed its own MD5-related warnings. Of course, Microsoft is hardly alone in its use of MD5. According to Venafi's scans of customers' networks, about one-quarter of the 2,000 largest businesses in the world use MD5-signed certificates. Meanwhile, 17% of all digital certificates in use at the so-called "global 2,000" are signed with MD5. "The numbers are worse for governments, but we're not even going there," said Hudson.

In the wake of Flame, Microsoft nuked the bad certificate and updated Windows to help prevent future such attacks. But the attack illustrates that all businesses need to replace their MD5-signed certificates, especially since, as Hudson noted, digital certificates are used by businesses to secure any data that's sensitive--"involving identity, access management, authentication, and keeping secrets."

To help, Tuesday Venafi released a free tool, MD5 Certificate Assessor, which can be used to catalog all digital certificates in use on a corporate network, highlight which certificates are MD5-signed, detail each certificate's issuing certificate authority (CA), and identify any encryption keys that are out of compliance. Eliminating MD5 from enterprises is a priority because while Flame may have primarily targeted Iran, Lebanon, and Syria, its attack techniques stand to be aped by others.

"Cybercriminals are exceptionally creative, financially organized, and highly motivated to steal confidential information. Organizations focused on reducing security risk need to do all they can to close as many open doors and to change as many locks as they can," said Eric Ogren, principal analyst with Ogren Group, in a statement. "Free tools such as this one being provided by Venafi to track down weak certificates could provide an advantage in staying a step ahead of the attackers."

What should businesses be using instead of MD5-signed certificates? Ideally, select the SHA1 or SHA2 hash algorithm instead. "SHA1 is right on the cusp of being able to be broken; people have come up with theoretical attacks, but they would take a tremendous amount of computing power to execute," Hudson said.

But when using either SHA1 or SHA2, be careful to employ a strong--as in long--key. "NIST [The National Institute of Standards and Technology] has told everyone that 1,024 is crackable now, theoretically," said Hudson. In its key management recommendations, NIST says that 1,024-bit keys should be dropped in favor of 2,048-bit keys, which the organization estimates won't be vulnerable to cracking until 2030. But some security experts even recommend protecting root passwords or accounts with 4,096-bit encryption, Hudson said, "because if you crack the root ... you get everything."

Currently, however, many businesses don't use digital certificates correctly. "The technology is fine, but where it breaks down is [when] people use known-bad stuff like MD5, and it's been known-bad for a while. That's why managing it is important. But first you have to find it," said Hudson.

"Some of the things you find out there are incredible--512-bit keys, self-signed certificates, and that's the worst," he said. "Many times in development, developers put a certificate in there to test it, and then it ends up in the production version, and it's not signed by a CA. That's as bad a practice as there is."

Security information and event monitoring technology has been available for years, but the information can be hard to mine. In our SIEM Success report, we provide a step-by-step guide to make the most of your SIEM system. (Free registration required.)

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
In a digital world inundated with advanced security threats, Intel Security seeks to transform how we live and work to keep our information secure. Through hardware and software development, Intel Security delivers robust solutions that integrate security into every layer of every digital device. In combining the security expertise of McAfee with the innovation, performance, and trust of Intel, this vision becomes a reality.

As we rely on technology to enhance our everyday and business life, we must too consider the security of the intellectual property and confidential data that is housed on these devices. As we increase the number of devices we use, we increase the number of gateways and opportunity for security threats. Intel Security takes the “security connected” approach to ensure that every device is secure, and that all security solutions are seamlessly integrated.
Featured Writers
White Papers
Cartoon
Current Issue
Dark Reading's October Tech Digest
Fast data analysis can stymie attacks and strengthen enterprise security. Does your team have the data smarts?
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-2413
Published: 2014-10-20
Cross-site scripting (XSS) vulnerability in the ja_purity template for Joomla! 1.5.26 and earlier allows remote attackers to inject arbitrary web script or HTML via the Mod* cookie parameter to html/modules.php.

CVE-2012-5244
Published: 2014-10-20
Multiple SQL injection vulnerabilities in Banana Dance B.2.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) return, (2) display, (3) table, or (4) search parameter to functions/suggest.php; (5) the id parameter to functions/widgets.php, (6) the category parameter to...

CVE-2012-5694
Published: 2014-10-20
Multiple SQL injection vulnerabilities in Bulb Security Smartphone Pentest Framework (SPF) before 0.1.3 allow remote attackers to execute arbitrary SQL commands via the (1) agentPhNo, (2) controlPhNo, (3) agentURLPath, (4) agentControlKey, or (5) platformDD1 parameter to frameworkgui/attach2Agents.p...

CVE-2012-5695
Published: 2014-10-20
Multiple cross-site request forgery (CSRF) vulnerabilities in Bulb Security Smartphone Pentest Framework (SPF) 0.1.2 through 0.1.4 allow remote attackers to hijack the authentication of administrators for requests that conduct (1) shell metacharacter or (2) SQL injection attacks or (3) send an SMS m...

CVE-2012-5696
Published: 2014-10-20
Bulb Security Smartphone Pentest Framework (SPF) before 0.1.3 does not properly restrict access to frameworkgui/config, which allows remote attackers to obtain the plaintext database password via a direct request.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Follow Dark Reading editors into the field as they talk with noted experts from the security world.