Contact us today!
(800) 588-4430

Telesys Voice and Data Blog

Telesys Voice and Data has been serving the Fort Worth area since 1994, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Why ROBOT is a Risk After Nearly 20 Years

Why ROBOT is a Risk After Nearly 20 Years

The Internet is rife with potential threats. Some are situational, but most are deliberate actions made by malicious entities who are trying to obtain any semblance of value from you or your company. Some of these exploits have been around longer than you’d imagine possible. This has been made evident by huge Internet-based companies such as PayPal and Facebook testing positive for a 19-year-old vulnerability that once allowed hackers to decrypt encrypted data.

Back in 1998, researcher Daniel Bleichenbacher found what is being called the ROBOT exploit in the secure sockets layer (SSL) encryptions that protect web-based platforms. There is a flaw in an algorithm that is responsible for the RSA encryption key--through specially constructed queries its error messages divulge enough information that after a short time they were able to decrypt ciphertext without the dedicated key for that encryption. In response, SSL architects created workarounds to limit error messages rather than eliminating the faulty RSA algorithm.

Referred to as an “Oracle” by researchers, the crypto-vulnerability provides only decisive yes and no answers, which allows people that form their queries a certain way to eventually retrieve detailed information about the contents of encrypted data. This is called an “adaptive chosen-ciphertext attack”.

Recently, researchers have found that over a quarter of the 200 most-visited websites essentially have this vulnerability, and about 2.8 percent of the top million. Facebook, the most visited website in the world for 2017, is one; while the money transfer platform PayPal is another. The explanation researchers gave was that with so much time focusing on the newest and baddest malware and exploits, this tried and true vulnerability has just been neglected. In a blog post they said as much:

“The surprising fact is that our research was very straightforward. We used minor variations of the original attack and were successful. This issue was hiding in plain sight. This means neither the vendors of the affected products nor security researchers have investigated this before, although it's a very classic and well-known attack.”

The vulnerability, now called ROBOT, an acronym for “Return of Bleichenbacher's Oracle Threat” was tested, with the findings being sent to the vulnerable sites to ensure they could get a patch created before the researchers went public with it.

Understanding the threats that are being used against businesses can go a long way toward helping you keep yours secure. For more information about the ROBOT vulnerability or what we can do to keep your company’s network secure, contact Telesys Voice and Data today at (800) 588-4430.

Comments

 
No comments yet
Already Registered? Login Here
Guest
Tuesday, 23 January 2018
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Blog Archive

Free Consultation

Sign up today for a
FREE Network Consultation

How secure is your IT infrastructure?
Let us evaluate it for free!

Sign up Now!

Free Consultation
 

Tag Cloud

Security Tip of the Week Technology Best Practices Hackers Cloud Privacy Productivity Malware Business Computing Business Microsoft Email Internet Windows 10 Backup IT Services Hosted Solutions Computer Android Network Security Smartphone Managed Service Provider Software User Tips Workplace Tips Ransomware Google IT Support Mobile Devices Hardware Browser Communication Managed IT services Social Media Business Continuity Efficiency Disaster Recovery Smartphones App Data Office Outsourced IT Holiday Business Management Remote Monitoring Office 365 Innovation Windows Miscellaneous WiFi Data Management Facebook Microsoft Office Upgrade Small Business Data Backup Big Data Internet of Things Network Artificial Intelligence Data Recovery Gmail Spam Firewall Apps Phishing Encryption Hosted Solution Recovery Robot Password Risk Management Productivity Word Hacker Unified Threat Management Tip of the week Content Filtering Cloud Computing Apple Avoiding Downtime How To Cybersecurity Save Money Money Office Tips Customer Service Mobile Device Management Work/Life Balance Employer-Employee Relationship Server Saving Money Analytics VoIP Remote Computing The Internet of Things Presentation Business Growth Managed IT Computers Customer Relationship Management Bandwidth Outlook Alert Education Windows 10 Passwords Chrome Data storage Cybercrime Telephone Systems Computing Health Social Hacking IT Support Government Wi-Fi Managed IT Services SaaS Operating System Two-factor Authentication Settings Antivirus Analyitcs Collaboration Legal Mobile Device File Sharing Data loss Twitter IBM Running Cable Politics Tablet Monitors Vendor Management Specifications Travel Google Drive Websites Automation Physical Security Bring Your Own Device Going Green Search User Taxes Sports IT service Botnet Printing Cortana Scam Virtualization Retail Samsung Administration Best Practice Vulnerability Lithium-ion battery IT solutions Safety Business Owner Data Security Wireless Technology Computer Care Wireless Marketing Virtual Reality Virtual Private Network Downtime Website Training Mobile Computing communications Competition Paperless Office Tech Support YouTube BYOD Upgrades Unified Communications Automobile Licensing Maintenance Information Technology Budget IT Management Digital Payment End of Support LiFi Humor Applications Mouse IT Consulting Quick Tips Law Enforcement Smart Technology Network Congestion Internet Exlporer Unsupported Software Project Management Hard Drives Troubleshooting CCTV WannaCry Emoji Software as a Service Laptop Virtual Desktop Data Breach Time Management Gadget Distributed Denial of Service Display Cabling Mobile Security Mobile Data Hacks Augmented Reality Business Technology Refrigeration Phone System Technology Tips Halloween Technology Laws Network Management Managed IT Service Infrastructure Hotspot Deep Learning Current Events Fun Lenovo G Suite VoIP Processors Staffing Comparison Scary Stories Unified Threat Management Touchscreen BDR Break Fix Motion Sickness Disaster Language Printer Shortcut Superfish Undo Digital GPS Black Friday Google Docs Writing business communications systems IP Address Google Maps Dark Web Uninterrupted Power Supply Computing Infrastructure Personal Information Access Control Alt Codes Patch Management iPhone IT Consultant Spyware Tracking Cyber Monday Social Engineering Internet Protocol Mobile Office Machine Learning Data Warehousing Meetings Solid State Drive Alerts Computer Repair SharePoint Typing Networking Cleaning How To Notifications Document Management flu season Storage Buisness VoIP streamlines Heating/Cooling Relocation Microsoft Excel Webcam Hard Disk Drive Cooperation Electronic Medical Records Downloads Cryptocurrency Google Wallet Knowledge VPN Firefox Crowdsourcing Identity Theft Fort Worth Dark Data business network infrastructure Servers Private Cloud Blockchain Point of Sale Staff PowerPoint Multi-Factor Security Bitcoin Drones Experience Techology Assessment Supercomputer flu shot data services Server Management Consumers Error Help Desk Permissions Google Calendar Windows 8 Mail Merge Disaster Resistance Domains Consultation IT Budget Fort Worth IT User Error 5G Statistics Entrepreneur Fraud Application eWaste Web Server Update Legislation Address Users Proactive IT Public Speaking DFW IT Service IT Sevices 3D Printing Bluetooth Administrator Software Tips Net Neutrality Environment Cameras Corporate Profile Chromebook Redundancy

Top Blog

Don't be Afraid to Replace Got an older PC that's causing you a lot of issues? Older technology is typically more expensive to run, and after a while, it's cheaper to simply buy a new desktop than it is to continue pouring money into something that always seems broken. It's a great time to buy wo...
QR-Code