Network Synergy Blog

Network Synergy has been serving the Trumbull area since 1988, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Why ROBOT is a Risk After Nearly 20 Years

Why ROBOT is a Risk After Nearly 20 Years

The Internet is rife with potential threats. Some are situational, but most are deliberate actions made by malicious entities who are trying to obtain any semblance of value from you or your company. Some of these exploits have been around longer than you’d imagine possible. This has been made evident by huge Internet-based companies such as PayPal and Facebook testing positive for a 19-year-old vulnerability that once allowed hackers to decrypt encrypted data.

Back in 1998, researcher Daniel Bleichenbacher found what is being called the ROBOT exploit in the secure sockets layer (SSL) encryptions that protect web-based platforms. There is a flaw in an algorithm that is responsible for the RSA encryption key--through specially constructed queries its error messages divulge enough information that after a short time they were able to decrypt ciphertext without the dedicated key for that encryption. In response, SSL architects created workarounds to limit error messages rather than eliminating the faulty RSA algorithm.

Referred to as an “Oracle” by researchers, the crypto-vulnerability provides only decisive yes and no answers, which allows people that form their queries a certain way to eventually retrieve detailed information about the contents of encrypted data. This is called an “adaptive chosen-ciphertext attack”.

Recently, researchers have found that over a quarter of the 200 most-visited websites essentially have this vulnerability, and about 2.8 percent of the top million. Facebook, the most visited website in the world for 2017, is one; while the money transfer platform PayPal is another. The explanation researchers gave was that with so much time focusing on the newest and baddest malware and exploits, this tried and true vulnerability has just been neglected. In a blog post they said as much:

“The surprising fact is that our research was very straightforward. We used minor variations of the original attack and were successful. This issue was hiding in plain sight. This means neither the vendors of the affected products nor security researchers have investigated this before, although it's a very classic and well-known attack.”

The vulnerability, now called ROBOT, an acronym for “Return of Bleichenbacher's Oracle Threat” was tested, with the findings being sent to the vulnerable sites to ensure they could get a patch created before the researchers went public with it.

Understanding the threats that are being used against businesses can go a long way toward helping you keep yours secure. For more information about the ROBOT vulnerability or what we can do to keep your company’s network secure, contact Network Synergy today at 203.261.2201.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Tuesday, 22 May 2018
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Mobile? Grab

QR-Code dieser Seite

Sign Up

  • First Name *
  • Last Name *

      Blog Categories

      The Internet of Things Windows 3D Computer Accessories Efficiency Scheduling Fraud Computer Care Computer Repair Upgrades Migration Google Server Management IT service Sports Wireless Knowledge LiFi Deep Learning eWaste Automation Virtual Private Network CrashOverride Smartphones Battery Cookies Phishing Help Desk Google Maps Logs Network Management Robot Employer-Employee Relationship Display Browser WiFi Vendor Management Privacy Data storage User Tips Mobility User VPN Android Upgrade Cabling BDR Collaboration IT Services Cybercrime Specifications Firewall Downloads Two-factor Authentication Managed IT Service Telephone Systems Virtual Desktop Computing Infrastructure Identity Theft Botnet Running Cable File Sharing Skype Software as a Service Current Events Disaster Resistance Tip of the Work Mouse Lithium-ion Battery Politics Quick Tips Business Technology Internet Exlporer Innovation Alert Data Loss Save Time Black Friday Superfish Trending Healthcare Smart Tech Proactive IT Samsung Money Shortcut Bitcoin IT Support Modem Health Workplace Tips Users Mobile Computing Apple Operations Microsoft Excel Chromebook Leadership Settings Food Public Speaking Break Fix Big Data Networking PowerPoint eBay Hard Drives HIPAA Mobile Security IBM Unsupported Software Saving Money Technology Tips Network Congestion Experience Motion sickness Compliance Presentation Humor Miscellaneous Virtual Reality Cryptocurrency Data Breach Tutorials Mobile Technology Webcam Star Wars Email Hardware Cloud Government Disaster IT Consultant Business Management Mobile Office Application Machine Learning Mobile Devices Small Business Print Server Business Owner Physical Security Mobile Device Management Hacks Environment IP Address Best Available Files Scary Stories Cybersecurity Text Messaging Remote Support Lenovo Productivity Tip of the Week Law Enforcement Mail Merge Data Warehousing Identity Regulations Cleaning Time Management Recycling Phone System Black Market 5G Mobile Data Antivirus Co-managed IT Google Docs Digital Payment Infrastructure Debate LinkedIn Memory Legislation Tech Support Company Culture Nanotechnology Conferencing Telephony Cameras Productivity Alerts Social Networking Charger IT Solutions Refrigeration Online Currency Printer Downtime PDF Touchscreen Communication Net Neutrality Training Secruity Digital Monitors Servers Technology Social Engineering Comparison Gmail Best Practice Windows 8.1 Update Technology Laws Licensing Managed IT Spyware Vulnerability iPhone Gadgets Permissions Tech Term Work/Life Balance People Hackers How To Crowdfunding User Error Statistics Information Technology G Suite Bring Your Own Device Bluetooth Language Domains Microsoft Remote Monitoring History Hiring/Firing Facebook Tracking Sync Risk Management Applications Gadget Business Continuity Marketing GPS communications Congratulations Documents Avoiding Downtime Gaming Console Network Data Paperless Office Assessment Legal Cooperation Macro Router Alt Codes Cyber Monday Access Control Hacker Consumers Customer Service Programming Operating System IT Consulting Utility Computing Virus Mirgation Trainging Ransomware Work Station Disaster Recovery Hosted Solutions Unified Threat Management Consultation Laptop Artificial Intelligence Digital Signature Backup IoT End of Support Piracy Windows 8 Web Server Techology IT Support Google Wallet Uninterrupted Power Supply Halloween PC Care Tip of the week Password Scam Fun Windows 10 Patch Management Streaming Media Office IT Technicians Managed IT services Server Value Business Growth Network Security Firefox Chatbots Flexibility Managed Service Provider Best Practices Social Media Taxes Notifications Video Surveillance Mobile Device 3D Printing Maintenance Address Saving Time VoIP Passwords Hotspot Cortana Administration Excel Hacking Multi-Factor Security Computing Retail Drones Supercomputer Wi-Fi Typing Hard Disk Drive Unified Threat Management Office 365 Private Cloud Screen Reader Business Intelligence Remote Computing Computer Data Recovery Office Tips Content Filtering Redundancy SharePoint Wireless Technology BYOD Public Cloud Emoji SaaS Automobile Internet Recovery Dark Web Electronic Medical Records Staffing Project Management Data Management Motherboard Holiday Entrepreneur Word Thank You Intranet Blockchain Storage Tablet App Data Security CIO Webinar Undo Competition CCTV Start Menu Inbound Marketing Buisness Processors Software Tips Staff Windows 10 Meetings Smartphone Chrome Social Backups Malware Document Management Cloud Computing Point of Sale Twitter Save Money Website Data Backup Google Analytics Cache Security IT budget Managed IT Services Relocation Internet of Things Troubleshooting Smart Technology Business Computing Unified Communications Safety Connectivity Solid State Drive Printing Crowdsourcing Personal Information Hard Drive Search Augmented Reality IT Management Business Travel Wearable Technology Corporate Profile Law Firm IT Software Hosted Solution Service-based Business Identities Going Green Cost Management Fax Server Customer Relationship Management USB YouTube Outlook Spam Apps Error Microsoft Office Virtualization Distributed Denial of Service Outsourced IT Google Calendar Writing Education Budget Bandwidth Computers Administrator Websites Encryption Google Drive Heating/Cooling Analyitcs

      Latest Blogs

      Artificial intelligence is perhaps most commonly known as a malevolent force, thanks to popular culture. HAL 9000, Ultron, and many others have reinforced that A.I. will be the dow...

      Latest News

      Our Site Has Launched!

      flag

      Welcome to Our New Site!
      We are proud to announce the unveiling of our new website at Network Synergy!

      Read more ...

      Contact Us

      Learn more about what Network Synergy can do for your business.

      callphone

      Call us today    203.261.2201

      Fax Number :    203-261-2935

      126 Monroe Turnpike
      Trumbull, Connecticut 06611

      facebook twitter linkedin #youtube