New Data Reveals Yahoo’s Post-Breach Failings

Data from Venafi which reveals just how inadequately Yahoo has reacted to the breach announced last week and specifically, the cryptographic controls it still has in place. The results are damning:

–          Yahoo has not taken the action necessary to ensure they are not still exposed and that the hackers do not still have access to their systems and encrypted communications

–          Yahoo is still using cryptography (MD5) that has been known to be vulnerable for many years now.

The net result if you are a Yahoo customer (or a BT or BSKYB customer) is that you should be worried that Yahoo has not taken the steps necessary to ensure the hackers don’t still have access. More broadly, questions should be asked of Yahoo’s security. Here is the data that shows this:

Supporting data:

• Venafi Labs analyzed data from TrustNet, a global database of certificate intelligence, and found that 27% of the certificates on external Yahoo! websites have not been reissued since January, 2015. Replacing certificates after a  breach is a critical mitigation practice; unless certificates are replaced breached organizations cannot be certain that attackers do not have ongoing access to encrypted communications.

• Only 2.5% of the 519 certificates deployed have been issued within the last 90 days, so it’s likely that Yahoo! does not have the ability to find and replace digital certificates quickly. Unfortunately, this is a very common problem, even in very large organizations with a significant online presence.

• Venafi Labs data includes a surprising number of Yahoo! digital certificates that use MD5, a cryptographic hashing function that can be reversed with brute force attacks. MD5 also suffers from many serious, well documented vulnerabilities. For example Flame, a family of malware used for targeted espionage by nation states, relied on an MD5 vulnerability.

• All of the MD5 certificates in use by Yahoo! today and many of the other certificates Venafi Labs evaluated are self-issued. One current MD5 certificate uses wildcards (*.yahoo.com) and has an expiration date of 5 years.  Certificates with long expirations dates, those that are self-issued and those that use wild cards are all symptoms of weak cryptographic control.

• 41% of the external Yahoo! certificates in the TrustNet data set use SHA-1, a hashing algorithm that is no longer considered secureagainst well-funded opponents. The major browser vendors have stated that they will stop accepting SHA-1 certificates in January of 2017.

Quotes from Venafi on the data:

“In our experience major breaches, such as the one suffered by Yahoo!, are often accompanied by relatively weak cryptographic controls,” said Alex Kaplunov, vice president of engineering for Venafi. “To confirm this assumption we took an in-depth look at  external facing Yahoo! web properties and the details of how these sites are using cryptography. We found the encryption practices on these properties to be relatively weak. This is not surprising. In our experience most enterprises, even global brands with deep  cyber security investments, have weak cryptographic controls.”

“Any one of these cryptographic issues would leave an organization extremely vulnerable to attacks on encrypted communication and authentication,” said Hari Nair, director of product management and cryptographic researcher for Venafi. “Collectively, they pose serious questions about whether Yahoo!  has the visibility and technology necessary to protect encrypted communications and ensure its customers privacy. Our research has led us to believe that there is usually a high degree of co-relation between weak cryptographic controls and overall cybersecurity posture”