And You Thought Your Transactions Were Safe: SSL Based Attacks

Your plaintext internet traffic is subject to attack. You already knew this.  And it probably won’t surprise you to learn that your encrypted internet traffic is also vulnerable. It’s an unfortunate situation. Carl Herberger, Radware’s VP for Security Solutions, says that the prospect of SSL-based attacks “makes a folly of our existing security infrastructure”. The reason? It uses our own existing security infrastructure against us.

The Anatomy of an SSL Attack

To gain an understanding of SSL-based attacks, we should first have a look at what is meant by SSL. The acronym stands for Secure Sockets Layer. The website SSL.com (also the name of the company) defines SSL as “the standard security technology for establishing an encrypted link between a web server and a browser”. That’s essentially true if, as many people do, you’re happy with calling the protocol TLS by the name of “SSL”. Read on if you’re confused.

SSL per se is obsolete. It is a cryptographic protocol that has been superseded by Transport Layer Security (TLS). SSL version 1.0 was never publicly released. As for 2.0, the Internet Engineering Task Force (IETF) put out RFC6176 in 2011 with the title “Prohibiting Secure Sockets Layer (SSL) Version 2.0”. In 2015 RFC7568 was published to deprecate SSL 3.0. TLS 1.2 was published in 2008, and TLS 1.3 was still in draft mode as of July 2017. To clarify, the term SSL could refer to any of those implementations — whether defunct or current.

The SSL/TLS mechanism is becoming more prevalent across the internet. A January 2014 web server survey by Netcraft stated: “Websites are increasingly being served over HTTPS: 48% more sites within the million busiest are using SSL than in January 2013.” Another term we should clarify here is HTTPS. This abbreviation HTTP is short for Hypertext Transfer Protocol, and it was developed by none other than the creator of the World Wide Web himself, Tim Berners-Lee. The acronym HTTPS simply stands for HTTP plus SSL. HTTPS was developed by Netscape, and it is widely used for website authentication and encryption of internet traffic.

SSL certificates allow website owners to provide users an accepted method for validating their identity. Web services companies offer these certificates as a way to create trust and secure the data that passes between the user and the enterprise. An authentication handshake occurs when the website’s SSL certificate is recognized by the user’s browser. Normally that would be enough.

An SSL attack is when a hacker uses SSL/TLS to flood a web server or to intercept data intended to be confidential.

Oh, but the bad guys always find a way. An SSL attack is when a hacker uses SSL/TLS to flood a web server or to intercept data intended to be confidential. As the security company Radware explains, SSL-based attacks take many forms. These include:

• Encrypted SSL floods
• SSL renegotiation
• HTTPS floods
• Encrypted Web application attacks

We won’t go into all these in-depth in this article. Instead, we will focus on malicious attempts to break into encryption to view or compromise data. You might think of them as man-in-the-middle attacks.

An article from Netcraft claims that only 1 in 20 HTTPS servers are implemented correctly. That means that 95% of HTTPS servers are vulnerable to trivial man-in-the-middle (MITM) attacks. That’s not good news. More companies are moving to HTTPS. Google, Facebook, Twitter, and Wikipedia all use HTTPS by default. (Notice the “https” in the URL any time you access those sites.) As more businesses turn to HTTPS, hackers are turning to SSL-based attacks. Radware’s 2015-2016 Global Application and Security Report said that their survey indicated a 50% increase of these attacks from the previous year.

The Big Bad Wolf

You only have to look at the newspapers to find examples of SSL-based attacks.  “SSL-based cyber-attacks are the posterchild for the idiom ‘a wolf in sheep’s clothing’,” says Radware. And the growth of cloud computing adds complexity to the issue. But if the connection and the data are encrypted, how can the wolf be so successful?

Let’s look at the details more closely. When you do business with a secure site — such as a financial institution or ecommerce business — you want to know that you can trust it. Infosec Institute gets into the weeds of the problem in a 2013 article on SSL attacks. They present a diagram that shows how the attacker manages to get in between the client and server in a TLS protocol handshake. And they suggest a command that the attacker might use:

GET /bank/sendmoney.asp?acct=attacker&amount=100000

Of course, it would be terrible to have $100,000 removed from your bank account without your permission. If you are a freelance writer, that request would likely result in an error. But you get the point.

You would think that SSL could prevent such intrusions. That’s the whole idea of network security, right? An entertaining cartoon from Lyquix shows how HTTPS is supposed to prevent the bad guy from getting in the middle. But it still happens.

“Identifying attack traffic within encrypted traffic flows is akin to finding a black cat in a black room – blindfolded.” That’s another quote from our friends at Radware. Obviously they have given a lot of thought to the subject.  The problem, as a joint publication from Gartner and Radware explains, is that SSL blinds other network security mechanisms from inspecting traffic. They say that inspection of network traffic is a core component of any security strategy. But remember, SSL data is encrypted.

Suppose you are at a cafe sipping on the latest mocha invention, and you decide to do a little online shopping. When you find that must-have item, you pull out your credit card. Is the website transaction safe? The URL begins with https, so it must be, right? Meanwhile, a hacker sitting twenty feet from you has sophisticated SSL-attack software. And the website uses the old SSL — not the latest TLS. It’s a recipe for disaster.

21st Century Problems

Your computer doesn’t care. Despite the hopes of transhumanists and Artificial Intelligence evangelists, your laptop is not very smart. It will do whatever you tell it to. It will even do anything that an SSL attacker tells it to do if you can’t prevent it. If the hacker wants to hijack your “secure” computer to pocket some of your money — well, welcome to the 21st century.

Heartbleed is not exactly an attack. Rather it is a vulnerability — a “bug” — introduced into the OpenSSL environment in 2012. It’s basically another example of buffer overflow due to a missing bounds check in what is called a “heartbeat” extension of the TLS implementation. A new version of OpenSSL was released on the same day that the bug was announced in 2014. Heartbleed left a huge chunk of the internet exposed, including Pinterest, Yahoo!, Wikipedia, SoundForge, and Amazon Web Services.

POODLE — Padding Oracle On Downgraded Legacy Encryption — is another weakness in the world’s line of cyber defenses. The Google security team discovered this one and announced it in a 2014 paper. It allows for a sort of man-in-the-middle attack that exploits SSL’s fallback mechanism.  An article from ThreatPost discusses Microsoft’s removal of SSL 3.0 fallback in response to POODLE. We quote the article here:

“POODLE attacks enable hackers to decrypt traffic over a supposedly secure connection. The weakness in SSL 3.0 occurs when attempts to negotiate a secure connection fail, webservers sometimes will fall back to an older protocol in order to enable the connection. SSL 3.0 is vulnerable to padding oracle attacks against the webserver putting supposedly encrypted traffic at risk.”

Another chink in the armor of web security is called Browser Exploit Against SSL/TLS, or SSL BEAST for short. According to Webopedia, SSL BEAST leverages weaknesses in cipher block chaining (CBC). The site posted this description: “The CBC vulnerability can enable man-in-the-middle (MITM) attacks against SSL in order to silently decrypt and obtain authentication tokens, providing hackers with access to the data passed between a Web server and the Web browser accessing the server.”

Trust But Verify

Now that your confidence in secure web transactions has been totally shattered, perhaps we should offer some information on mitigation. But unfortunately, we must start with the harsh reality declared to us by VP Herberger of Radware. He gives the analogy of an IED device in cyberwarfare, and says that SSL-based attacks are “easy to execute… very hard to detect… and extremely hard to mitigate”. He says there are plenty of software platforms from which to launch SSL attacks. It’s as if the bad guys had their own development team.

Perhaps the most obvious answer to guard against the exploit is to get off the old SSL. If the IETF declares them “prohibited” and “deprecated”, that should be good enough for any programmer. Apparently that goes for fallback to SSL 3.0 as well. Use the latest TLS release.

Here’s a rundown of the recommendations from Radware, their “Keys to Success” for encrypted attack protection:

• Visibility
• Service chaining
• Flexible traffic inspection
• Security
• Scalability
• High availability

The good thing about encryption is that it keeps other people from looking at your internet traffic. The bad thing about encryption?  It keeps people from looking at your internet traffic. The U.S. government deals with this conundrum all the time, and companies who want to protect their infrastructure from attack have to deal with the blinding effect of encryption. There must be some privacy, after all.

Companies need a strategy for decryption and deep packet inspection. The Gartner/Radware documents (see link below), such as “Protection from a Growing Attack Vector: Encrypted Attacks”, provide a much broader explanation of the exploit and how to deal with it. One example is to use a security policy that interrupts an SSL session, decrypts it, and then re-signs it.

Whatever strategies are employed, the use of a certificate authority (CA) is essential. As Techopedia explains, “A certificate authority (CA) is a trusted entity that manages and issues security certificates and public keys that are used for secure communication in a public network.” CA’s are third parties that build trust between users and providers.

Conclusion

Encryption is at the very heart of secure internet transactions. We would like to believe that they are really secure — and the vast majority really are. Doing business over the internet is definitely convenient. It beats putting on clothes, jumping in the car, and heading down to the bank to transfer money. But with that convenience, there remains some element of risk — which may even get worse. The folks at Gartner reported: “The continued growth of SSL/TLS traffic will be amplified by the adoption of HTTP 2.0. It creates a new attack surface for malware infection, data exfiltration and call back communication.”

Oh, and when quantum computers actually work at capacity? You can forget all those fancy encryption schemes. We’ll have to throw out the book and start over.

[For more information on SSL attacks, have a look at the Gartner/Radware document here.]

Protect your web applications and APIs from SSL-based attacks with Total Uptime’s Web Application and API Protection (WAAP) service.