Risk Factors of Implicit Trust in Embedded Cryptographic Systems

Recent headlines imply that implicit trust in embedded cryptographic systems coupled with a lack of visibility and control puts critical infrastructure and cloud environments at severe risk for exploitation.

“The backdoor…, exists in an encryption algorithm baked into radios sold for commercial use in critical infrastructure….It would allow someone to snoop on communications to learn how a system works, then potentially send commands to the radios that could trigger blackouts, halt gas pipeline flows, or reroute trains.” 

A second vulnerability was discovered which; “… would let someone decrypt encrypted voice and data communications and send fraudulent messages to spread misinformation or redirect personnel and forces during critical times.” – Wired.com

“Microsoft says hackers stole a cryptographic key that let them generate their own authentication “tokens”—strings of information meant to prove a user’s identity.“

“We put trust in passports, and someone stole a passport-printing machine,” says Jake Williams, a former NSA hacker who now teaches at the Institute for Applied Network Security in Boston.–Wired.com

The government has clearly prioritized the need to replace implicit trust models with zero-trust architecture (ZTA), with the Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Defense (DOD) leading the way. However, there is still an area of need that remains poorly characterized, is facing a growing threat of becoming ineffective, yet is essential to enabling ZTA objectives and enjoys implicit trust. You may have guessed it, if not then, surprise it’s cryptography. The pillar of ensuring confidentiality and integrity controls across IT/OT/IoT arenas, is driven by varying multi-national standards, and is facing an existential threat from emerging cryptographically relevant quantum computers.  Yet with all this negative pressure, it is still implicitly trusted with little to no means to effectively validate, control, or enhance for the purposes of data protection and system integrity.

On the contrary, adversaries have taken full advantage of this capability gap and have found ways to improve their tradecraft by “living off the land” and blending in with authorized applications and processes. We have fresh examples of this reality by way of the recent nation-state attack targeting a key portion of the Microsoft cloud authentication system, as well as the continuing success of ever-stealthy ransomware attacks. Some of these attacks are the result of day-to-day nation-state intelligence gathering, while others are more opportunistic and target opportunities generated during workload migration or limited cloud provider security options. All of which benefit from the lack of visibility of cryptographic functions across the cloud/hybrid boundaries today.

The time to extend zero-trust principles into the cryptographic ecosystem is now, especially with the growing sophistication of our interconnected digital ecosystem and steady increase in quantum computing. If the U.S. and its industry partners want to remain a major player in what has become a cyber grand power competition, we must incorporate cryptographic discovery and agility tools into vulnerability and compliance programs today. Then drive consumption across on-prem, hybrid, and cloud environments, which will lower the noise-floor and shed light on what is today a target rich cryptographic environment.

Additional Reading:

How PAM Can Protect Feds From Third Party/Service Account Cyber Attacks

How PAM Can Protect Feds From Third Party/Service Account Cyber Attacks

Share This