You’re Already Compromised: Exposing SSH as an Attack Vector

Download Now

To download this white paper you’ll need an Infosecurity Magazine account. Log in or sign up below.

Log in
Sign up

Get up-to-the-minute news and opinions, plus access to a wide assortment of Information Security resources that will keep you current and informed.

This will be used to identify you if you take part in our online comments.

Your password should:

  • be at least eight characters long
  • be no more than 25 characters long
  • contain at least one uppercase, lowercase and special character
  • contain at least one digit
  • only contain alphanumeric characters or ~!@#$%^&*()_-+=?.

For more information explaining how we use your information please see our privacy policy.

By registering you agree with our terms and conditions.

Secure Shell (SSH) keys are an integral part of the digital world. It enables one system to access another remotely in a secure manner, enforcing authentication, authorization, and encryption of communications, Unfortunately, cybercriminals do take advantage of the trust that is established by SSH. Cybercriminals can use improperly secure SSH keys against organizations to gain access to critical systems and intellectual property that could damage a company’s brand and bottom line.

According to Ponemon Institute’s SSH security vulnerabilities research, 51% or organizations have already been compromised via SSH in the last 24 months. 74% either have no SSH policy or manual SSH policy in place, and 60% can’t detect new SSH keys on their networks. These results show just how poorly organizations secure and protect their SSH keys. The result is increased exposure to comprise.

In this white paper you will learn more about:

  • SSH vulnerabilities that organizations need to address
  • How cybercriminals leverage trust based attacks on keys and certificates to steal data
  • Strategies to help organizations secure and protect their SSH inventory.

Only with a clear understanding of your SSH environment can you take steps toward securing keys and certificates and reducing the overall threat surface.

Brought to you by

Should you download this content your information may be shared with the sponsors indicated above. Please see the privacy policy for Venafi here: Please see Infosecurity Magazine’s privacy policy for more information.