Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security
Authentication
Mobile
Privacy
Compliance
Careers and People
Identity & Access Management
Security Monitoring
Advanced Threats
Insider Threats
Vulnerability Management
Comments
Employee Data More Exposed Than Customer Data
Newest First  |  Oldest First  |  Threaded View
TerryB
TerryB,
 User Rank: Ninja
1/20/2016 | 2:54:11 PM
Re: Encryption benefits
Kelly, encryption in transit, as your link talks about, also makes sense. As you said, only risks are with tools needing to analyze the traffic data to accomplish something.

I'm specifically talking about data at rest in storage. Essentially ending up ransomwaring yourself with lost or corrupted keys. My point is, if the hack just involves getting system access with credentials allowed to decrypt the file, what have you gained? What I was hoping to gain from Dark Reading was some insight into what kind of hacks that type of encryption would help versus not help.

For example, seems like a RAT hack would not help. Bad guy just using malware to impersonate you, who has access to decrypt. But are RAT's 10% of hacks and some other technique at 70% where storage level encryption would help?

Or am I not looking deep enough here on this network layer encryption? Are you suggesting it would block a RAT from sending the file to bad guys server where he could read it? Meaning RAT couldn't open encrypted file with user's credentials/keys, save file as CSV, then transmit to bad guys server? If that is the case, then that is overwhelmingly good thing.

I'm just struggling with ransomware being such a problem now why you would take risk of doing that to yourself. albeit unintentionally?
Kelly Jackson Higgins
Kelly Jackson Higgins,
 User Rank: Strategist
1/20/2016 | 2:22:53 PM
Re: Encryption benefits
@TerryB, you raise a great point, and it's something we've addressed in previous stories. This report didn't go into that aspect, and obviously not all data must be encrypted. Access to encrypted data can be a challenge with some security tools unable to do their work with if the network flows are encrypted.

Here's a Q&A we did with the Internet Architecture Board's chair on the call for making encryption the new normal:

http://www.darkreading.com/perimeter/qanda-internet-encryption-as-the-new-normal/d/d-id/1317783
TerryB
TerryB,
 User Rank: Ninja
1/20/2016 | 1:50:58 PM
Encryption benefits
A good article from you (Dark Reading) would be to explain better how encryption helps in certain types of breaches. I get the lost laptop/hard drive scenario. But if hacked with legitimate credentials and accessing data thru the intended application under those credentials, how does it help? To be invisible to user experience, means encryption/decryption takes place along with translation from zeros/ones to UNICODE to ASCII/EBCDIC to readable data in whatever (human) language that platform is using. Accessed under legit credentials, how does it afford any more protection?

As an IT lead at a midsize company, with no public interface outside a two factor VPN tunnel, I see the risk in encryption. You have a key problem and your data is gone, unusable. So the decision becomes which is higher risk, being hacked in a way encryption would help or some tech screwup where your keys are messed up and data unusable?

I've yet to see an article that clearly spells out choosing between these two. Especially when your data isn't clearly monetizable by someone.
Whoopty
Whoopty,
 User Rank: Ninja
1/20/2016 | 7:18:40 AM
Danger
This is why it's so dangerous when politicians who have no idea what they are talking about rail against encryption. That's not going to encourage business heads to learn more about it or consider its usage of they're told in the news that hiding information is a terrible thing.

Everything should be encrypted if not being accessed by the creator of intended recipient. 
LeoKhull
LeoKhull,
 User Rank: Apprentice
1/20/2016 | 2:02:16 AM
I agree
Obviously it is. I agree with you.


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The 10 Most Impactful Types of Vulnerabilities for Enterprises Today
Managing system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2023-1172
PUBLISHED: 2023-03-17
The Bookly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the full name value in versions up to, and including, 21.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that w...
CVE-2023-1469
PUBLISHED: 2023-03-17
The WP Express Checkout plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘pec_coupon[code]’ parameter in versions up to, and including, 2.2.8 due to insufficient input sanitization and output escaping. This makes it possible for authenti...
CVE-2023-1466
PUBLISHED: 2023-03-17
A vulnerability was found in SourceCodester Student Study Center Desk Management System 1.0. It has been rated as critical. This issue affects the function view_student of the file admin/?page=students/view_student. The manipulation of the argument id with the input 3' AND (SELECT 2100 FROM (SELECT(...
CVE-2023-1467
PUBLISHED: 2023-03-17
A vulnerability classified as critical has been found in SourceCodester Student Study Center Desk Management System 1.0. Affected is an unknown function of the file Master.php?f=delete_img of the component POST Parameter Handler. The manipulation of the argument path with the input C%3A%2Ffoo.txt le...
CVE-2023-1468
PUBLISHED: 2023-03-17
A vulnerability classified as critical was found in SourceCodester Student Study Center Desk Management System 1.0. Affected by this vulnerability is an unknown functionality of the file admin/?page=reports&date_from=2023-02-17&date_to=2023-03-17 of the component Report Handler. The manipula...