SOURCE: Venafi


February 19, 2014 08:00 ET

New Research Reveals Most Enterprises Leaving Door Open to Rogue, Root-Level Access and Cyberattacks

Ponemon Institute Finds 3 out of 4 Organizations Have No Security Controls for SSH

SALT LAKE CITY, UT--(Marketwired - Feb 19, 2014) - Venafi, the leading provider of Next-Generation Trust Protection, today announced Ponemon Institute research which reveals enterprises tolerate security vulnerabilities by allowing open door, root-level access in the 2014 SSH Security Vulnerability Report. Underwritten by Venafi, the report exposes how cybercriminals are exploiting the lack of visibility and control over SSH keys used to authenticate administrators, servers, and clouds. 46% of the 1,854 respondents reported their servers and networks are left open and can be owned forever by attackers because they fail to rotate SSH keys. Not surprisingly, 51% of organizations reported already being breached by an attack using SSH.

This hole in enterprise security has not gone unnoticed. The recently uncovered Mask operation steals SSH keys to impersonate, surveil, collect, and decrypt its targets' communications and data (analysis and recommendation for those breached available here). If SSH keys are not replaced after intrusions like The Mask attacks, enterprise networks remain owned by the attackers. The Ponemon research also found that 60% of organizations could not detect rogue SSH keys on their networks since system administrators self-police SSH keys using manual processes.

Tweet this: 2014 #Ponemon #SSH Vulnerability Report finds 74% leave open root-level access without systems to protect SSH keys

Secure Shell (SSH) is the fundamental security system enterprises rely on to connect system administrators and automated processes to services, appliances, and cloud services over an authenticated, encryption channel. Payment servers, healthcare databases, cloud platforms, and even air traffic control systems are accessed and controlled by administrators via SSH keys. Because SSH keys never expire, cybercriminals and insiders alike gain almost permanent ownership of systems and networks by stealing SSH keys. Data loss prevention, advanced threat detection solutions and next-generation firewalls cannot examine SSH encrypted traffic, which allows adversaries to steal information over extended periods without detection.

Tweet this: 2014 #Ponemon #SSH Vulnerability Report finds 46% of networks can be permanently owned by stealing SSH keys

"Frequently, we look at a wide range of different IT security issues that impact global organizations. This study stands out as it reveals the damage that a single, unprotected SSH key can cause," said Dr. Larry Ponemon, chairman and founder of Ponemon Institute. "Although SSH keys are an IT security technology, they are often left unchecked in the hands of a wide-range of administrators that are not, in theory or practice, IT security experts. This dirty little secret, revealed by the survey, is further evidence that root access to the world's most sensitive data is widely available and largely unprotected, leaving many organizations open to perpetual cyberattacks and compromises."

Tweet this: @Venafi urges #TheMask breached to replace #SSH keys or bulldoze the data center to clean up

"CEOs, CIOs, CISOs and other IT security executives are tolerant to the point of insanity when it comes to controlling, protecting and detecting SSH, the most widely used security and authentication technology between administrators, servers, and clouds," said Venafi CEO Jeff Hudson. "This is a dangerous situation, akin to giving the foxes the keys to the hen houses. They have allowed SSH security to spin out of control, which in fact places their organizations in jeopardy. The total inability to respond to a breach by rotating all SSH keys means CISOs should be investing more in bulldozers for their data centers than firewalls."

Tweet this: #Infographic: @Venafi finds insanity in action with 60% of enterprises relying on sysadmins to self-police #SSH keys

Download the full Ponemon 2014 SSH Security Vulnerability Report

Download the Information Security's Dirty Little Secret infographic


This report includes a survey of 1,854 respondents from Global 2000 enterprises in four countries: Australia, Germany, the U.K. and the U.S. More than 50 percent of respondents are employed in companies with 1,000 to 10,000 employees.

To get the latest news and information about Venafi:

Visit the blog at
Follow us on Twitter: @Venafi
Follow us on LinkedIn:
Follow us on Google+:
Like us on Facebook:

About Ponemon Institute
Ponemon Institute© is dedicated to advancing responsible information and privacy management practices in business and government. To achieve this objective, the institute conducts independent research, educates leaders from the private and public sectors and verifies the privacy and data protection practices of organizations in a variety of industries.

About Venafi
Venafi is the market leading cybersecurity company in Next-Generation Trust Protection (NGTP). Venafi delivered the first trust protection platform to secure cryptographic keys and digital certificates that every business and government depend on for secure communications, commerce, computing, and mobility. As part of an enterprise infrastructure protection strategy, Venafi Director prevents attacks on trust with automated discovery and intelligent policy enforcement, detects and reports on anomalous activity and increased threats, and remediates errors and attacks by automatically replacing keys and certificates. Venafi Threat Center provides research and threat intelligence for trust-based attacks. Venafi customers are among the world's most demanding, security-conscious Global 2000 organizations in financial services, insurance, high tech, telecommunications, aerospace, healthcare and retail. Venafi is backed by top-tier venture capital funds, including Foundation Capital, Pelion Venture Partners and Origin Partners. For more information, visit