Organizations fear the Cryptoapocalypse
- Published: Friday, 03 April 2015 16:00
The Ponemon Institute and Venafi have released the results of the 2015 ‘Cost of Failed Trust Report’, which examines the Internet’s system of trust. The report is based on interviews of over 2,300 IT security professionals based in the United Kingdom, Australia, France, Germany, and the United States.
The 2015 Cost of Failed Trust Report found that:
- Security pros worry about a Cryptoapocalypse-like event impacting their organization: a scenario where the standard algorithms of trust like RSA and SHA are compromised and exploited overnight is reported as the most alarming threat. Instantly transactions, payments, mobile applications, and a growing number of Internet of Things could not be trusted. Coined by researchers at Black Hat 2013, a Cryptoapocalypse would dwarf Heartbleed in scope, complexity, and time to remediate.
- As risk increases, so does the number of keys and certificates: the use of more keys and certificates makes them a better target for attack. Stolen certificates sell for almost a thousand pounds on underground marketplaces, and doubled in price in just one year. Researchers from Intel believe hacker interest is growing quickly and that stolen certificates will soon become the next big hacker marketplace.
- The misuse of enterprise mobile certificates is a lurking concern: The misuse of enterprise mobility certificates used for applications like WiFi, VPN, and MDM/EMM is a growing concern for security professionals. Misuse of enterprise mobility certificates was a close second to a Cryptoapocalypse-like event as the most alarming threat. Incidents involving enterprise mobility certificates were assessed to have the largest total impact, over £79 million, and the second largest risk. With a quickly expanding array of mobile devices and applications in enterprises, it’s no wonder why security pros are so concerned.
To view a full copy of the report, please visit: https://www.venafi.com/Ponemon