BEAST stands for Browser Exploit Against SSL/TLS. The BEAST attack of 2011 is a cautionary tale with a happy ending. It is worth reading about, even if not in detail, because it highlights important points about IT security.
What is the BEAST Attack of 2011?
Security researchers Thai Duong and Juliano Rizzo carried out the BEAST attack in 2011. They presented a paper titled “Here Come The Ninjas” in which they described how to carry out a Browser Exploit Against SSL/TLS (the technology used to create HTTPS-secured websites).
Duong and Rizzo proved that, although it took a lot of effort and depended on certain factors, it was theoretically possible for a real-world attacker to impersonate a user while that user was browsing.
Background to the SSL BEAST attack
In 2002, Phillip Rogaway discovered the vulnerability that Duong and Rizzo later exploited. This vulnerability was present in all versions of SSL/TLS up to that point and was corrected, in theory, with TLS 1.1.
The BEAST attack was successful because the fix wasn’t widely adopted. All major browsers (Google Chrome, Internet Explorer on Microsoft Windows XP, Mozilla Firefox, and Safari up to and including Mac OS X 10.5) treated TLS 1.0 as the highest version of the protocol.
The fix was not widely adopted because it was believed that no hacker in the real world would go to such lengths to exploit the vulnerability. Duong and Rizzo proved that exploiting this vulnerability was much easier than most people thought. Real-world attacks using it are still unlikely, but not as unlikely as people thought.
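The gap described above, where the fixed protocol version exists but TLS 1.0 remains the highest one offered, can be checked for on the server side. The following is an added example, not code from the original article: it assumes the protocol list lives in an nginx `ssl_protocols` directive, and the sample configuration and hostnames are constructed.

```python
import re

# Tokens accepted by nginx's ssl_protocols directive, oldest first.
ORDER = ["SSLv2", "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"]
FIXED_FROM = ORDER.index("TLSv1.1")  # first version with the fix, per the text

# Matches an active directive; commented-out lines do not start with the keyword.
DIRECTIVE = re.compile(r"^\s*ssl_protocols\s+([^;#]+);")

# Constructed sample configuration (hostnames are placeholders).
SAMPLE_CONF = """\
server {
    listen 443 ssl;
    server_name legacy.example.test;
    ssl_protocols SSLv3 TLSv1;
}
server {
    listen 443 ssl;
    server_name mixed.example.test;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
}
server {
    listen 443 ssl;
    server_name current.example.test;
    # ssl_protocols TLSv1;
    ssl_protocols TLSv1.2 TLSv1.3;
}
"""

def audit(config_text):
    """Return (line number, enabled protocols, status) per ssl_protocols line."""
    findings = []
    for lineno, line in enumerate(config_text.splitlines(), start=1):
        match = DIRECTIVE.match(line)
        if not match:
            continue
        enabled = [tok for tok in match.group(1).split() if tok in ORDER]
        ranks = [ORDER.index(tok) for tok in enabled]
        if not ranks:
            status = "unrecognised"
        elif max(ranks) < FIXED_FROM:
            status = "tls1.0-is-ceiling"     # same position as the 2011 browsers
        elif min(ranks) < FIXED_FROM:
            status = "legacy-still-offered"  # fixed versions exist, old ones remain
        else:
            status = "ok"
        findings.append((lineno, enabled, status))
    return findings

if __name__ == "__main__":
    for lineno, enabled, status in audit(SAMPLE_CONF):
        print(f"line {lineno}: {' '.join(enabled):<24} {status}")
```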
The aftermath of the BEAST attack
The BEAST attack left a lasting legacy. It highlighted the fact that even the smallest leak in security can turn into a wide-open floodgate if it isn’t addressed quickly enough. It was a great example of the importance of identifying vulnerabilities early and making sure the solutions are implemented in practice, not just in theory.
That lesson landed with those who were involved in IT security at the time. Unfortunately, this was not enough to reach everyone in IT security, let alone the general population. This is why the WannaCry attack of 2017 was so successful. Cybercriminals still routinely exploit flaws in obsolete software today.
Lessons from the SSL BEAST Attack
The main lesson from the BEAST attack in 2011 is that security basics can make a big difference in keeping your online business safe. You want to be more trouble to cybercriminals than you are worth. Here are some tips.
Reduce the complexity of your operating systems and software
Ideally, everyone uses the same operating system on their desktops and the same one on their mobile phones. If this is impossible, keep your devices within a few versions of each other. It is also important to stay close to the latest version of your operating system, and to use an operating system that still receives updates from its vendor or development group.
Because each piece of software can be an attack vector, minimizing the amount of software you use is even more important. You need to monitor each piece of software for security issues, update it quickly, and replace it if necessary. The more software you use, the more attack vectors you create. It is also more difficult to keep track of each one, even with automated tools.
Get some basic security tools
Although SMBs might not have the funds to purchase all the security tools that enterprise clients use, they likely don’t need them. A robust anti-malware solution that includes an integrated firewall is essential for their servers, local computers, and mobile devices. A website vulnerability scanner is also required. Any decent option will include a web application firewall and an anti-malware scanner. You might also be interested in a DDoS mitigation service.
Even SMBs may be able to afford other security tools, but think carefully before you spend your hard-earned money. It is often better to have a few tools that you understand than a lot of tools that you don’t.