Contact us today!
(800) 588-4430

Telesys Voice and Data Blog

Telesys Voice and Data has been serving the Richland Hills area since 1994, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Why ROBOT is a Risk After Nearly 20 Years

Why ROBOT is a Risk After Nearly 20 Years

The Internet is rife with potential threats. Some are situational, but most are deliberate actions made by malicious entities who are trying to obtain any semblance of value from you or your company. Some of these exploits have been around longer than you’d imagine possible. This has been made evident by huge Internet-based companies such as PayPal and Facebook testing positive for a 19-year-old vulnerability that once allowed hackers to decrypt encrypted data.

Back in 1998, researcher Daniel Bleichenbacher found what is being called the ROBOT exploit in the secure sockets layer (SSL) encryptions that protect web-based platforms. There is a flaw in an algorithm that is responsible for the RSA encryption key--through specially constructed queries its error messages divulge enough information that after a short time they were able to decrypt ciphertext without the dedicated key for that encryption. In response, SSL architects created workarounds to limit error messages rather than eliminating the faulty RSA algorithm.

Referred to as an “Oracle” by researchers, the crypto-vulnerability provides only decisive yes and no answers, which allows people that form their queries a certain way to eventually retrieve detailed information about the contents of encrypted data. This is called an “adaptive chosen-ciphertext attack”.

Recently, researchers have found that over a quarter of the 200 most-visited websites essentially have this vulnerability, and about 2.8 percent of the top million. Facebook, the most visited website in the world for 2017, is one; while the money transfer platform PayPal is another. The explanation researchers gave was that with so much time focusing on the newest and baddest malware and exploits, this tried and true vulnerability has just been neglected. In a blog post they said as much:

“The surprising fact is that our research was very straightforward. We used minor variations of the original attack and were successful. This issue was hiding in plain sight. This means neither the vendors of the affected products nor security researchers have investigated this before, although it's a very classic and well-known attack.”

The vulnerability, now called ROBOT, an acronym for “Return of Bleichenbacher's Oracle Threat” was tested, with the findings being sent to the vulnerable sites to ensure they could get a patch created before the researchers went public with it.

Understanding the threats that are being used against businesses can go a long way toward helping you keep yours secure. For more information about the ROBOT vulnerability or what we can do to keep your company’s network secure, contact Telesys Voice and Data today at (800) 588-4430.

Comments

 
No comments yet
Already Registered? Login Here
Guest
Wednesday, 18 July 2018
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Blog Archive

Free Consultation

Sign up today for a
FREE Network Consultation

How secure is your IT infrastructure?
Let us evaluate it for free!

Sign up Now!

Free Consultation
 

Tag Cloud

Security Tip of the Week Technology Cloud Best Practices Hackers Malware Privacy Business Computing Productivity Business Email Microsoft Internet Hosted Solutions Windows 10 Software Backup Managed Service Provider Ransomware Computer IT Services Network Security Mobile Devices Android Smartphone User Tips Managed IT services Social Media Google IT Support Workplace Tips Outsourced IT Hardware Browser Communication Business Continuity Efficiency Disaster Recovery Smartphones App Data Backup Innovation Data Management Small Business Upgrade Office Business Management Data Holiday Cloud Computing Internet of Things Facebook Remote Monitoring Data Recovery Server Office 365 Miscellaneous Windows WiFi Microsoft Office Network Encryption Spam Artificial Intelligence Gmail Big Data Apps Phishing Hosted Solution Recovery Password Productivity Bandwidth Robot Save Money Firewall Paperless Office Avoiding Downtime Work/Life Balance Content Filtering Managed IT Services Customer Service Mobile Device Management Office Tips Saving Money Remote Computing Employer-Employee Relationship Unified Threat Management Infrastructure Risk Management Customer Relationship Management Tech Term Chrome Tip of the week Passwords How To Word Government Hacker Document Management Money Apple Cybersecurity IT Support Applications Cybercrime Hacking Mobile Computing Tech Support IT Management Social File Sharing Website Operating System Wi-Fi Antivirus Vendor Management Mobile Device VoIP Managed IT Data loss Presentation Business Growth Alert Two-factor Authentication Settings Data storage Analytics BDR Computing The Internet of Things Outlook Windows 10 Computers Compliance Telephone Systems Virtual Reality SaaS Health BYOD Education Data Security Budget Virtualization Virtual Private Network Administration Assessment End of Support Marketing Server Management Smart Technology Mouse IT solutions HIPAA Safety Competition Collaboration Licensing Legal Mobile Security Wireless Technology Maintenance Wireless Digital Payment Information Technology Twitter Downtime Politics communications Monitors Humor Travel Google Drive Project Management YouTube Websites Unified Communications Automation Analyitcs Physical Security Going Green Taxes Business Technology Botnet LiFi Tablet Printing Samsung Specifications Storage Augmented Reality User Patch Management IBM Running Cable Computer Care Scam Retail Vulnerability Training Best Practice Bring Your Own Device Regulations Search Lithium-ion battery VPN Sports Identity Theft IT service Business Owner Automobile Upgrades Cortana Net Neutrality Web Server Update Enterprise Resource Planning Wearable Technology Mobile Office Supercomputer Techology data services PowerPoint Administrator Typing 3D Printing Motherboard Help Desk Internet Exlporer Cameras Mail Merge Chromebook Mobile Buisness Law Enforcement Consultation Network Congestion IT Budget Software as a Service Consumers Disaster Resistance User Error Cryptocurrency Statistics Unsupported Software Router Knowledge Distributed Denial of Service CCTV Address Emoji Vulnerabilities Gadget Display IT Technicians Technology Tips Proactive IT eWaste Bitcoin Bluetooth Mobile Data Modem Experience Software Tips Hacks Managed IT Service Hotspot Redundancy IT Sevices Geography Corporate Profile IT Consulting Quick Tips Mirgation Comparison Environment Windows 8 Cookies Current Events Break Fix WannaCry Language Domains Printer G Suite Processors Cables Data Breach Time Management Migration 5G Black Friday Entrepreneur Troubleshooting Motion Sickness Nanotechnology Cabling Dark Web Application Google Docs Computing Infrastructure Public Speaking Access Control Wires Users Technology Laws Network Management Writing Chatbots Cyber Monday Phone System Personal Information IoT Data Warehousing VoIP Alerts Staffing SharePoint IT Consultant Lenovo Unified Threat Management Machine Learning Touchscreen Social Engineering Identity flu season Meetings Shortcut Computer Repair Utility Computing Laptop Disaster Microsoft Excel Hard Drives Virtual Desktop Digital Cooperation GPS Downloads Cleaning Superfish Notifications business communications systems Relocation Google Maps Fort Worth Blockchain Refrigeration Webcam Electronic Medical Records Healthcare Halloween Uninterrupted Power Supply Google Wallet Crowdsourcing Spyware Dark Data Staff Tracking Multi-Factor Security Internet Protocol Private Cloud Deep Learning Fun flu shot Drones Permissions iPhone Point of Sale Cost Management Scary Stories Solid State Drive How To Flexibility Google Calendar Networking VoIP streamlines Error Heating/Cooling Fort Worth IT Fraud Undo Management Hard Disk Drive Firefox Operations IP Address Legislation business network infrastructure Alt Codes Servers Social Networking DFW IT Service

Top Blog

Don't be Afraid to Replace Got an older PC that's causing you a lot of issues? Older technology is typically more expensive to run, and after a while, it's cheaper to simply buy a new desktop than it is to continue pouring money into something that always seems broken. It's a great time to buy wo...
QR-Code