Contact us today!
(800) 588-4430

Telesys Voice and Data Blog

Telesys Voice and Data has been serving the Richland Hills area since 1994, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Why ROBOT is a Risk After Nearly 20 Years

Why ROBOT is a Risk After Nearly 20 Years

The Internet is rife with potential threats. Some are situational, but most are deliberate actions made by malicious entities who are trying to obtain any semblance of value from you or your company. Some of these exploits have been around longer than you’d imagine possible. This has been made evident by huge Internet-based companies such as PayPal and Facebook testing positive for a 19-year-old vulnerability that once allowed hackers to decrypt encrypted data.

Back in 1998, researcher Daniel Bleichenbacher found what is being called the ROBOT exploit in the secure sockets layer (SSL) encryptions that protect web-based platforms. There is a flaw in an algorithm that is responsible for the RSA encryption key--through specially constructed queries its error messages divulge enough information that after a short time they were able to decrypt ciphertext without the dedicated key for that encryption. In response, SSL architects created workarounds to limit error messages rather than eliminating the faulty RSA algorithm.

Referred to as an “Oracle” by researchers, the crypto-vulnerability provides only decisive yes and no answers, which allows people that form their queries a certain way to eventually retrieve detailed information about the contents of encrypted data. This is called an “adaptive chosen-ciphertext attack”.

Recently, researchers have found that over a quarter of the 200 most-visited websites essentially have this vulnerability, and about 2.8 percent of the top million. Facebook, the most visited website in the world for 2017, is one; while the money transfer platform PayPal is another. The explanation researchers gave was that with so much time focusing on the newest and baddest malware and exploits, this tried and true vulnerability has just been neglected. In a blog post they said as much:

“The surprising fact is that our research was very straightforward. We used minor variations of the original attack and were successful. This issue was hiding in plain sight. This means neither the vendors of the affected products nor security researchers have investigated this before, although it's a very classic and well-known attack.”

The vulnerability, now called ROBOT, an acronym for “Return of Bleichenbacher's Oracle Threat” was tested, with the findings being sent to the vulnerable sites to ensure they could get a patch created before the researchers went public with it.

Understanding the threats that are being used against businesses can go a long way toward helping you keep yours secure. For more information about the ROBOT vulnerability or what we can do to keep your company’s network secure, contact Telesys Voice and Data today at (800) 588-4430.


No comments yet
Already Registered? Login Here
Saturday, 20 October 2018
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Blog Archive

Free Consultation

Sign up today for a
FREE Network Consultation

How secure is your IT infrastructure?
Let us evaluate it for free!

Sign up Now!

Free Consultation

Tag Cloud

Security Tip of the Week Technology Cloud Best Practices Hackers Malware Privacy Business Computing Productivity Email Business Microsoft Internet Hosted Solutions Windows 10 Software Backup Managed Service Provider Ransomware Network Security Computer IT Services Mobile Devices Android Smartphone User Tips Managed IT services Hardware Outsourced IT Google Browser IT Support Workplace Tips Social Media Innovation Efficiency Communication Disaster Recovery Business Continuity Data Data Backup App Business Management Data Management Smartphones Cloud Computing Small Business Productivity Office Holiday Upgrade Server Office 365 Remote Monitoring Windows Miscellaneous WiFi Internet of Things Facebook Microsoft Office Data Recovery Network Artificial Intelligence Gmail Big Data Spam Phishing Encryption Tech Term Password Unified Threat Management Customer Relationship Management Bandwidth Firewall Robot Apps Save Money Paperless Office Hosted Solution Recovery Customer Service Mobile Device Management Document Management Tip of the week Employer-Employee Relationship Cybersecurity Risk Management Saving Money Remote Computing Managed IT Services Word Hacker Passwords Chrome How To Content Filtering Government Apple Money Avoiding Downtime Infrastructure Work/Life Balance Wi-Fi Office Tips Compliance File Sharing Two-factor Authentication Operating System Settings Analytics Vendor Management Data Security VoIP Applications Presentation The Internet of Things Business Growth IT Support Computers Alert Data storage Outlook IT Management Computing Education Mobile Device Antivirus Project Management Cybercrime Virtual Reality Managed IT Health Data loss BDR SaaS BYOD Social Hacking Website Mobile Computing Tech Support Windows 10 Telephone Systems YouTube Patch Management Collaboration Unified Communications Scam Legal Information Technology Regulations Vulnerability Identity Theft LiFi Humor Twitter Politics Monitors VPN Travel Analyitcs Google Drive Websites Automation Virtual Private Network Smart Technology Assessment Physical Security Augmented Reality Going Green HIPAA Server Management Licensing Taxes Botnet Router IBM Running Cable Digital Payment Specifications Mobile Security Printing Samsung Maintenance Meetings Bring Your Own Device Search User Sports Storage IT service Cortana Retail Virtualization Computer Care Administration Best Practice Tablet Lithium-ion battery Training IT solutions Business Owner Business Technology Safety Wireless Technology Automobile Upgrades Marketing Wireless Budget Downtime End of Support Healthcare communications Mouse Competition Law Enforcement Network Congestion flu shot Domains Uninterrupted Power Supply Entrepreneur Cost Management Unsupported Software Permissions 5G Spyware Internet Protocol Flexibility Google Calendar Application CCTV WPA3 Emoji eWaste Gadget Users Display Fort Worth IT Public Speaking IT Sevices Solid State Drive How To Management Mobile Data Networking Fraud Hacks VoIP streamlines Operations Heating/Cooling Legislation Fleet Tracking Environment Social Networking DFW IT Service Hard Disk Drive Firefox Supercomputer Enterprise Resource Planning Net Neutrality Current Events Troubleshooting business network infrastructure Wearable Technology Laptop Servers Hard Drives Help Desk G Suite Asset Tracking Processors Motherboard Virtual Desktop IT Budget Motion Sickness Mobile Techology Internet Exlporer data services Halloween Google Docs Phone System Software as a Service Refrigeration Remote Workers Writing Mail Merge Distributed Denial of Service Consultation Vulnerabilities Deep Learning Personal Information Disaster Resistance Fun IT Technicians Scary Stories Statistics Technology Tips Software Tips IT Consultant Electronic Health Records Machine Learning Modem Social Engineering Address Managed IT Service User Error Geography Computer Repair Proactive IT Hotspot Mirgation Bluetooth Comparison Undo Cleaning Cyberattacks Notifications Relocation Cookies Redundancy Break Fix IP Address Corporate Profile Quick Tips Printer Webcam Cables Alt Codes Electronic Medical Records IT Consulting Language Google Wallet iPhone Migration Dark Data Black Friday History Bookmarks Crowdsourcing Private Cloud Nanotechnology Dark Web Mobile Office WannaCry Time Management Access Control Point of Sale Wires Typing Data Breach Computing Infrastructure Drones Chatbots Buisness Cyber Monday Cabling Favorites Staffing Error IoT Data Warehousing Network Management SharePoint MSP Cryptocurrency Technology Laws Alerts Knowledge Identity flu season Conferencing GPS Utility Computing Lenovo Microsoft Excel VoIP Experience PowerPoint Touchscreen Downloads Google Maps Web Server Proactive Bitcoin Update Unified Threat Management Cooperation Shortcut Fort Worth Disaster Tracking Administrator 3D Printing Consumers Superfish Blockchain Digital Staff Multi-Factor Security Cameras Remote Monitoring and Management Windows 8 Chromebook business communications systems

Top Blog

Don't be Afraid to Replace Got an older PC that's causing you a lot of issues? Older technology is typically more expensive to run, and after a while, it's cheaper to simply buy a new desktop than it is to continue pouring money into something that always seems broken. It's a great time to buy wo...