575 cloud providers still remain at risk of Logjam

99% of companies are using at least one cloud service that is potentially vulnerable.

By CBR Staff Writer

575 cloud-based services are potentially vulnerable to the LogJam attack, according to cloud security firm Skyhigh Networks.

It was found that 99% of companies are using at least one cloud service that is potentially vulnerable, with the average enterprise utilising 71 vulnerable services.

The Logjam vulnerability, which is similar to the FREAK attack identified earlier this year, enables man-in-the-middle (MITM) attacks. The attack starts at the client's Hello message, which asks for a standard 'DH' ciphersuite.

It allows the attacker to downgrade vulnerable TLS connections to 512-bit export-grade cryptography.

The MITM attacker changes this message to ask for export DH instead, and the server responds with a 512-bit export DH key, signed with its long-term key.

Because of the OpenSSL/Secure Transport bug, the client accepts the weak key. The attacker then factors the DH modulus to recover the corresponding DH decryption key.

With that key the attacker can decrypt the pre-master secret sent to the server and recover the TLS master secret, leaving the connection readable in plain text and allowing the attacker to inject anything it wants.


Skyhigh Networks European spokesperson Nigel Hawthorn said: "To patch the vulnerability, cloud providers should disable support for export suites, deploy elliptic-curve Diffie-Hellman, and generate a strong, unique Diffie-Hellman group.

"Likewise, individual organisations must determine and contain both their client-side and service-side exposure. For instance, simple steps like making sure employees only use browser versions that are not vulnerable, such as patched versions of Chrome or Firefox."
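The two sides of the exposure described above, the server offering export-grade DHE suites and the client accepting whatever DH group the server sends, can both be checked mechanically. The following Python is an added example written for this page, not code from Skyhigh Networks or any TLS library: `audit_cipher_suites` flags export DHE suites in a server's offered list (the server-side fix Hawthorn describes), and `parse_server_dh_params` plus `client_accepts_dh_group` implement the client-side check that a patched browser performs, parsing the ServerDHParams structure from a ServerKeyExchange and refusing a prime shorter than a minimum size. The 1024-bit floor, the cipher suite list and the moduli are assumptions constructed for the example; the moduli are not real primes, only their sizes matter here.

```python
import struct

# Floor a patched client enforces on the DH prime. Assumption for this example:
# 1024 bits, the minimum major browsers adopted after Logjam. Servers are
# advised to generate their own unique 2048-bit group.
MIN_DH_BITS = 1024


def audit_cipher_suites(suites):
    """Server-side exposure check over a list of IANA cipher suite names.

    Flags export-grade DHE suites (the ones a MITM can downgrade the handshake
    to) and reports whether ECDHE suites are offered as the replacement.
    """
    export_dh = [s for s in suites if s.startswith("TLS_DHE_") and "EXPORT" in s]
    dhe = [s for s in suites if s.startswith("TLS_DHE_") and "EXPORT" not in s]
    ecdhe = [s for s in suites if s.startswith("TLS_ECDHE_")]
    return {
        "export_dh": export_dh,
        "finite_field_dhe": dhe,
        "has_ecdhe": bool(ecdhe),
        "logjam_exposed": bool(export_dh),
    }


def encode_server_dh_params(p, g, ys):
    """Build the TLS ServerDHParams structure (RFC 5246, section 7.4.3):
    dh_p, dh_g and dh_Ys are each a 2-byte length followed by big-endian bytes."""
    out = b""
    for n in (p, g, ys):
        raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
        out += struct.pack("!H", len(raw)) + raw
    return out


def parse_server_dh_params(data):
    """Parse ServerDHParams back into integers, rejecting truncated input."""
    fields = []
    off = 0
    for _ in range(3):
        if off + 2 > len(data):
            raise ValueError("truncated ServerDHParams")
        (length,) = struct.unpack_from("!H", data, off)
        off += 2
        if length == 0 or off + length > len(data):
            raise ValueError("bad field length in ServerDHParams")
        fields.append(int.from_bytes(data[off:off + length], "big"))
        off += length
    p, g, ys = fields
    return {"p": p, "g": g, "Ys": ys}


def client_accepts_dh_group(params, min_bits=MIN_DH_BITS):
    """Client-side check: refuse a ServerKeyExchange whose prime is shorter than
    min_bits, so a downgraded 512-bit export group cannot complete the handshake.
    Also rejects a public value outside the open interval (1, p-1)."""
    p = params["p"]
    return p.bit_length() >= min_bits and 1 < params["Ys"] < p - 1


# Constructed sample data: not real primes, only the bit lengths matter here.
WEAK_P = (1 << 511) | 1      # 512-bit, export-sized modulus
STRONG_P = (1 << 2047) | 1   # 2048-bit modulus
WEAK_SKE = encode_server_dh_params(WEAK_P, 2, 12345)
STRONG_SKE = encode_server_dh_params(STRONG_P, 2, 12345)

# Constructed server cipher list; the export suite is the Logjam downgrade target.
SAMPLE_SERVER_SUITES = [
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
    "TLS_RSA_WITH_AES_128_CBC_SHA",
]

if __name__ == "__main__":
    print(audit_cipher_suites(SAMPLE_SERVER_SUITES))
    for label, ske in (("512-bit group", WEAK_SKE), ("2048-bit group", STRONG_SKE)):
        ok = client_accepts_dh_group(parse_server_dh_params(ske))
        print(label, "accepted" if ok else "rejected")
```

Run against the constructed data, the audit reports the export suite and marks the server as exposed even though it also offers ECDHE, because a downgraded ClientHello never asks for the ECDHE suite; the client check rejects the 512-bit group and accepts the 2048-bit one. In a real deployment the cipher list would come from the server configuration or a scan of your own endpoints, and the ServerDHParams bytes from the handshake.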
