Contact us today!
(800) 588-4430

Telesys Voice and Data Blog

Telesys Voice and Data has been serving the Richland Hills area since 1994, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Why ROBOT is a Risk After Nearly 20 Years

Why ROBOT is a Risk After Nearly 20 Years

The Internet is rife with potential threats. Some are situational, but most are deliberate actions made by malicious entities who are trying to obtain any semblance of value from you or your company. Some of these exploits have been around longer than you’d imagine possible. This has been made evident by huge Internet-based companies such as PayPal and Facebook testing positive for a 19-year-old vulnerability that once allowed hackers to decrypt encrypted data.

Back in 1998, researcher Daniel Bleichenbacher found what is being called the ROBOT exploit in the secure sockets layer (SSL) encryptions that protect web-based platforms. There is a flaw in an algorithm that is responsible for the RSA encryption key--through specially constructed queries its error messages divulge enough information that after a short time they were able to decrypt ciphertext without the dedicated key for that encryption. In response, SSL architects created workarounds to limit error messages rather than eliminating the faulty RSA algorithm.

Referred to as an “Oracle” by researchers, the crypto-vulnerability provides only decisive yes and no answers, which allows people that form their queries a certain way to eventually retrieve detailed information about the contents of encrypted data. This is called an “adaptive chosen-ciphertext attack”.

Recently, researchers have found that over a quarter of the 200 most-visited websites essentially have this vulnerability, and about 2.8 percent of the top million. Facebook, the most visited website in the world for 2017, is one; while the money transfer platform PayPal is another. The explanation researchers gave was that with so much time focusing on the newest and baddest malware and exploits, this tried and true vulnerability has just been neglected. In a blog post they said as much:

“The surprising fact is that our research was very straightforward. We used minor variations of the original attack and were successful. This issue was hiding in plain sight. This means neither the vendors of the affected products nor security researchers have investigated this before, although it's a very classic and well-known attack.”

The vulnerability, now called ROBOT, an acronym for “Return of Bleichenbacher's Oracle Threat” was tested, with the findings being sent to the vulnerable sites to ensure they could get a patch created before the researchers went public with it.

Understanding the threats that are being used against businesses can go a long way toward helping you keep yours secure. For more information about the ROBOT vulnerability or what we can do to keep your company’s network secure, contact Telesys Voice and Data today at (800) 588-4430.

Comments

 
No comments yet
Already Registered? Login Here
Guest
Sunday, 22 April 2018
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Blog Archive

Free Consultation

Sign up today for a
FREE Network Consultation

How secure is your IT infrastructure?
Let us evaluate it for free!

Sign up Now!

Free Consultation
 

Tag Cloud

Security Tip of the Week Technology Cloud Best Practices Hackers Privacy Malware Business Computing Productivity Business Email Microsoft Internet Windows 10 Hosted Solutions Backup Ransomware Software Computer IT Services Network Security Managed Service Provider Smartphone Mobile Devices Android User Tips Google IT Support Workplace Tips Managed IT services Hardware Browser Communication Social Media Efficiency Disaster Recovery Business Continuity Outsourced IT App Innovation Data Management Smartphones Small Business Office Business Management Data Cloud Computing Holiday Upgrade Remote Monitoring Server Office 365 Windows Miscellaneous WiFi Microsoft Office Facebook Data Backup Artificial Intelligence Spam Gmail Big Data Internet of Things Network Encryption Data Recovery Firewall Apps Phishing Hosted Solution Recovery Password Robot Save Money Paperless Office Money Saving Money Remote Computing Employer-Employee Relationship Infrastructure Work/Life Balance Risk Management Tip of the week Productivity Word Passwords Hacker Chrome Cybersecurity Unified Threat Management Apple Avoiding Downtime Content Filtering Customer Service Mobile Device Management How To Office Tips Government Operating System Mobile Device SaaS Managed IT BYOD Data loss Two-factor Authentication VoIP Presentation Business Growth Settings Analytics The Internet of Things Customer Relationship Management Windows 10 Computers Outlook Telephone Systems Tech Term Document Management Vendor Management Bandwidth Data Security Education Alert Health IT Support Cybercrime Data storage Managed IT Services Computing Hacking Mobile Computing Applications IT Management Social Tech Support Website Wi-Fi Virtual Reality Antivirus Humor Project Management YouTube Unified Communications Upgrades Analyitcs Business Technology Automobile LiFi Tablet Budget End of Support Mouse Collaboration Specifications Augmented Reality Legal File Sharing IBM Running Cable Scam Twitter User Monitors Vulnerability Politics Travel Retail Bring Your Own Device Search Google Drive Automation VPN Sports Websites Identity Theft Physical Security IT service Going Green Best Practice Taxes Cortana Lithium-ion battery Business Owner Virtual Private Network Botnet Virtualization Printing Administration Server Management Samsung Marketing Safety IT solutions Licensing Storage Maintenance Wireless Technology Wireless Digital Payment Competition Computer Care HIPAA Downtime Mobile Security Information Technology communications Training Modem WannaCry Error Domains Managed IT Service Time Management 5G Hotspot Entrepreneur Environment Data Breach Mirgation Cabling Application Comparison Break Fix Users Cookies Public Speaking Network Management Web Server Language Update Printer Troubleshooting Technology Laws Migration Black Friday Dark Web Staffing 3D Printing Lenovo Nanotechnology VoIP Administrator Phone System Touchscreen Cameras Computing Infrastructure BDR Chromebook Access Control Unified Threat Management Shortcut Laptop Chatbots Disaster Law Enforcement Hard Drives Cyber Monday Network Congestion Data Warehousing GPS Unsupported Software Superfish Virtual Desktop Digital CCTV Alerts Google Maps Emoji SharePoint business communications systems Display Patch Management Halloween Identity Uninterrupted Power Supply Gadget Refrigeration flu season Microsoft Excel Tracking Mobile Data Hacks Spyware Internet Protocol Deep Learning Fun Cooperation Downloads Scary Stories Solid State Drive Fort Worth How To Blockchain Current Events Networking VoIP streamlines Heating/Cooling G Suite Staff Processors Multi-Factor Security iPhone Compliance Hard Disk Drive Undo flu shot Firefox Motion Sickness IP Address Permissions business network infrastructure Alt Codes Servers Flexibility Google Calendar Google Docs Writing Regulations Fort Worth IT Assessment Mobile Office Fraud Supercomputer Personal Information Techology data services Typing IT Consultant Operations Help Desk Legislation Social Engineering Mail Merge Buisness Social Networking Machine Learning DFW IT Service Consultation Meetings Net Neutrality IT Budget Computer Repair Disaster Resistance PowerPoint User Error Cryptocurrency Statistics Cleaning Knowledge Wearable Technology Notifications Consumers Address Motherboard Relocation Smart Technology Webcam Internet Exlporer Electronic Medical Records Google Wallet Proactive IT Bitcoin Bluetooth Experience Software Tips Crowdsourcing Software as a Service Dark Data Redundancy Router Corporate Profile Private Cloud Distributed Denial of Service Quick Tips Point of Sale Drones eWaste IT Consulting Windows 8 IT Sevices IT Technicians Technology Tips

Top Blog

Don't be Afraid to Replace Got an older PC that's causing you a lot of issues? Older technology is typically more expensive to run, and after a while, it's cheaper to simply buy a new desktop than it is to continue pouring money into something that always seems broken. It's a great time to buy wo...
QR-Code