Contact us today!
(800) 588-4430

Telesys Voice and Data Blog

Telesys Voice and Data has been serving the Dallas/Fort Worth area since 1994, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Why ROBOT is a Risk After Nearly 20 Years

Why ROBOT is a Risk After Nearly 20 Years

The Internet is rife with potential threats. Some are situational, but most are deliberate actions made by malicious entities who are trying to obtain any semblance of value from you or your company. Some of these exploits have been around longer than you’d imagine possible. This has been made evident by huge Internet-based companies such as PayPal and Facebook testing positive for a 19-year-old vulnerability that once allowed hackers to decrypt encrypted data.

Back in 1998, researcher Daniel Bleichenbacher found what is being called the ROBOT exploit in the secure sockets layer (SSL) encryptions that protect web-based platforms. There is a flaw in an algorithm that is responsible for the RSA encryption key--through specially constructed queries its error messages divulge enough information that after a short time they were able to decrypt ciphertext without the dedicated key for that encryption. In response, SSL architects created workarounds to limit error messages rather than eliminating the faulty RSA algorithm.

Referred to as an “Oracle” by researchers, the crypto-vulnerability provides only decisive yes and no answers, which allows people that form their queries a certain way to eventually retrieve detailed information about the contents of encrypted data. This is called an “adaptive chosen-ciphertext attack”.

Recently, researchers have found that over a quarter of the 200 most-visited websites essentially have this vulnerability, and about 2.8 percent of the top million. Facebook, the most visited website in the world for 2017, is one; while the money transfer platform PayPal is another. The explanation researchers gave was that with so much time focusing on the newest and baddest malware and exploits, this tried and true vulnerability has just been neglected. In a blog post they said as much:

“The surprising fact is that our research was very straightforward. We used minor variations of the original attack and were successful. This issue was hiding in plain sight. This means neither the vendors of the affected products nor security researchers have investigated this before, although it's a very classic and well-known attack.”

The vulnerability, now called ROBOT, an acronym for “Return of Bleichenbacher's Oracle Threat” was tested, with the findings being sent to the vulnerable sites to ensure they could get a patch created before the researchers went public with it.

Understanding the threats that are being used against businesses can go a long way toward helping you keep yours secure. For more information about the ROBOT vulnerability or what we can do to keep your company’s network secure, contact Telesys Voice and Data today at (800) 588-4430.

Comments

 
No comments yet
Already Registered? Login Here
Guest
Wednesday, 20 November 2019
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Free Consultation

Sign up today for a
FREE Network Consultation

How secure is your IT infrastructure?
Let us evaluate it for free!

Sign up Now!

Free Consultation
 

Tag Cloud

Security Tip of the Week Technology Cloud Best Practices Business Computing Hackers Malware Privacy Email Business Productivity Hosted Solutions Microsoft Software Network Security Internet IT Services Windows 10 Computer Managed Service Provider Data Backup Productivity Ransomware Backup Innovation Mobile Devices Business Continuity Outsourced IT Android Hardware Smartphone Google Disaster Recovery Managed IT services Upgrade Social Media Efficiency User Tips Data Recovery Browser Communication IT Support Workplace Tips Data Small Business Cloud Computing IT Support Managed IT Services Business Management Smartphones App Data Management Phishing Holiday Microsoft Office Server Office Remote Monitoring Internet of Things Miscellaneous Facebook WiFi communications Network Paperless Office Office 365 Password Windows Apps Passwords Encryption Cybersecurity Save Money Artificial Intelligence VoIP Tech Term Gmail Big Data Spam Windows 10 Unified Threat Management Document Management Hosted Solution Recovery Apple Robot Employer-Employee Relationship Risk Management Saving Money Collaboration Bandwidth Firewall Customer Relationship Management Content Filtering Chrome Tip of the week Downtime Wi-Fi Avoiding Downtime Office Tips How To Government Customer Service Mobile Device Management Money Analytics Operating System Work/Life Balance Remote Computing Word Hacker Compliance Managed IT Infrastructure Vendor Management Going Green Telephone Systems Alert Applications Printing Data storage Social Windows 7 Health Computing Website Vulnerability Hacking Help Desk Mobile Computing Virtual Reality Data Security Training Tech Support Two-factor Authentication SaaS Settings BYOD IT Management The Internet of Things Computers Mobile Device Antivirus Business Growth Redundancy Presentation Healthcare Project Management Data loss File Sharing BDR Managed Service Education Business Technology Outlook Cybercrime Automation Physical Security Net Neutrality Taxes Proactive IT solutions Smart Technology Safety Retail Botnet Wireless Technology Remote Monitoring and Management Best Practice Samsung HIPAA Software as a Service Patch Management Wireless Lithium-ion battery Solid State Drive Router Mobile Security Scam Business Owner Meetings Identity Theft Storage Marketing Computer Care YouTube Unified Communications VPN Assessment Server Management Competition Licensing LiFi Virtual Private Network Digital Payment Access Control Consultation Information Technology Upgrades Maintenance Automobile Budget Humor End of Support Augmented Reality Laptops Analyitcs Mouse IBM Running Cable Tablet Legal Display Bring Your Own Device Search Specifications Twitter Sports IT service Politics Regulations Monitors Cortana Travel Google Drive Virtualization Administration User Websites Recycling Batteries Typing Lenovo Digital Motion Sickness Tracking Wearable Technology Bookmarks Google Docs Unified Threat Management Buisness Shortcut iPhone Uninterrupted Power Supply Motherboard Voice over Internet Protocol Writing Management Remote Work Personal Information Cryptocurrency Internet Exlporer Superfish Knowledge Spyware IT Consultant Favorites business communications systems Distributed Denial of Service Machine Learning Social Engineering Enterprise Resource Planning File Management Computer Repair Bitcoin Experience data services How To Cleaning WPA3 Notifications IT Technicians Conferencing Internet Protocol Technology Tips Heating/Cooling Managed IT Service Hard Disk Drive Relocation Modem Manufacturing Mobile Telephone Electronic Medical Records Windows 8 Hotspot Google Wallet Networking User Error Firefox Webcam Supercomputer Servers Domains Fleet Tracking PowerPoint Crowdsourcing Mirgation Employees Dark Data VoIP streamlines Comparison Break Fix 5G Entrepreneur Private Cloud Cookies Gadgets IT Budget Company Culture Mobile VoIP Language Drones Printer Application Consumers Point of Sale Public Speaking Asset Tracking Migration Zero-Day Threat business network infrastructure Users Black Friday Dark Web Error Nanotechnology Proactive Maintenance Vulnerabilities Computing Infrastructure Techology Statistics eWaste Software Tips Remote Workers Chatbots Backup and Disaster Recovery Cyber Monday Data Warehousing Mail Merge IoT Processor IT Sevices Web Server Geography Update Alerts Disaster Resistance Laptop SharePoint Hard Drives Bluetooth Environment Information Identity RMM Virtual Desktop flu season 3D Printing Microsoft Excel Address Corporate Profile Administrator Utility Computing Cameras Cables Chromebook Cooperation Proactive IT Halloween Downloads Quick Tips Refrigeration Troubleshooting History Monitoring Law Enforcement Procurement Network Congestion Fort Worth Active Directory Unsupported Software Deep Learning Blockchain Fun WannaCry CCTV Wires Emoji Staff IT Consulting Scary Stories Multi-Factor Security Time Management Mobility Cabling Electronic Health Records Phone System Gadget Remote Worker flu shot Cost Management Windows Server Mobile Data Permissions Hacks Staffing Flexibility Data Breach Google Calendar Network Management Undo Fort Worth IT IP Address Professional Services Hard Drive User Management Alt Codes Fraud Current Events VoIP GPS G Suite Google Maps MSP Processors Operations Cyberattacks Technology Laws Legislation Touchscreen DFW IT Service Mobile Office Disaster Social Networking Virtual Assistant

Top Blog

Don't be Afraid to Replace Got an older PC that's causing you a lot of issues? Older technology is typically more expensive to run, and after a while, it's cheaper to simply buy a new desktop than it is to continue pouring money into something that always seems broken. It's a great time to buy wo...
QR-Code