Just last year, a security bug was found in OpenSSH that affected ALL versions released in the past 20 years! The impact of this vulnerability was massive and here’s why:
What is Open SSH?
Open SSH is short for Open Secure Shell. It is one of the most widely used and trusted tools for remote management of servers and computers. It offers a secure channel by eliminating eavesdropping, connection hijacking, and other attacks. It is considered extremely safe and used across several software applications and hardware devices online, making it very difficult if any vulnerabilities were to be discovered.
Finding the Security Bug
The security bug was found back in August of 2018. If an attacker tried to authenticate through OpenSSH with a username that didn’t exist, the server would send out a failure reply. However, if the user itself did not exist, the server would close out without leaving a reply at all. Knowing this, attackers were able to guess usernames that were registered on the OpenSSH server. OpenSSH is used with a range of technologies, thus, affecting billions of devices.
Solution
Patches for the vulnerability were created, however, it would still be a long process to fix since OpenSSH is used in so many applications. Users could also opt to login into remote devices using an alternative to OpenSSH. If users did not have an alternative or no choice but to use OpenSSH, they could also disable the public authentication, which is where the vulnerability was found.
Written by
Michael Assraf
Recent Posts
1
Challenges of Cybersecurity Automation
Kent Weigle May 07, 20212
Security Automation Best Practices
Kent Weigle May 07, 20213
Part Human, Part Machine: Leverage Automation To Bolster Your Defense
Kent Weigle May 07, 20214
Benefits of Automation in Cybersecurity
Kent Weigle May 07, 20215
Will Automation Save the Security Team?
Kent Weigle May 07, 2021
Related Posts
Challenges of Cybersecurity Automation
Cybersecurity automation in vulnerability management and security operations is a new topic in the IT industry. This is a result of the ongoing cybersecurity skills shortage and an increase in the sophistication and volume of cyber threats as well as a rise in cyber attackers using automation for their campaigns.
Security Automation Best Practices
Automation has become the main component of successful and growing businesses. This is true in the cybersecurity industry, specifically with access and identity management, patching and network management.
Part Human, Part Machine: Leverage Automation To Bolster Your Defense
The sophistication of cybersecurity threats has outpaced the development of conventional security tools. Aside from automated and commoditized hacking methods such as file-based malware, botnets and viruses, advanced persistent threats (APTs) have also risen to become threats to anyone’s security. APTs are persistent malicious actors that attempt to gain access to sensitive information and infrastructure over a period of time.
Start Closing Security Gaps
- Risk reduction from Day 1
- Fast set-up and deployment
- Unified platform
- Full-featured 30-day trial