Are you Protected From a Komodia SSL Attack?

The security community is in an uproar about Komodia! Komodia is an IT firm that sells turn-key network interception technology, i.e. Komodia Redirector with SSL Digestor, to several software developers.

This allows software to decrypt traffic to and from otherwise secure sites (bank websites, etc.). Komodia has more than 100 clients on board using its SDKs (software development kits).

Many found out within the past 2 weeks that most freeware products have this vendor's kit built in. Security experts found the root issue while looking into the "Superfish" story, which concerns crapware on Lenovo laptops. The Superfish software includes the Komodia development kit.

Komodia works by installing its own certificate in the trusted certificate store of a local laptop. The browser and other applications can then decrypt traffic behind the scenes with no warnings, because the computer implicitly trusts the Komodia certificate.

The purpose of Komodia's kit is to break SSL security, but the worst part is its poor implementation. For example, the certificate is encrypted with the password "komodia" (all lower case). This allows third-party hackers to leverage a Komodia installation, since the password has been cracked and is public knowledge. I am sure attackers are grateful for yet another option in their toolbox!

If you are concerned, test your computer. See security expert Steve Gibson's 22-minute video on his Security Now podcast. From an IT management perspective, do not grant local admin rights and use a whitelist/blacklist technical control.
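One way to test a Windows computer for the trusted-store mechanism described above, as an added example that is not from the original article or from any vendor: it lists trusted root certificates whose names match the two products named here, plus any root whose private key is stored on the machine. The name patterns cover only "Superfish" and "Komodia" and are an assumption about how such certificates are labelled; the private-key check is a general heuristic that will also flag legitimate debugging proxies.

```powershell
# Added example: audit the Windows trusted root stores for interception-style roots.
# Name patterns come from the products named in this article (assumed to appear in
# the certificate subject or issuer); extend the list for other products.
$namePatterns = 'Superfish', 'Komodia'
$stores       = 'Cert:\LocalMachine\Root', 'Cert:\CurrentUser\Root'

$findings = foreach ($store in $stores) {
    Get-ChildItem -Path $store | ForEach-Object {
        $cert    = $_
        $reasons = @()

        foreach ($pattern in $namePatterns) {
            if ($cert.Subject -like "*$pattern*" -or $cert.Issuer -like "*$pattern*") {
                $reasons += "name matches '$pattern'"
            }
        }

        # A public root CA never ships its private key to endpoints. A trusted root
        # with a local private key can sign certificates for any site on this machine.
        if ($cert.HasPrivateKey) {
            $reasons += 'private key present on this machine'
        }

        if ($reasons.Count -gt 0) {
            [pscustomobject]@{
                Store      = $store
                Subject    = $cert.Subject
                Thumbprint = $cert.Thumbprint
                NotAfter   = $cert.NotAfter
                Reasons    = $reasons -join '; '
            }
        }
    }
}

if ($findings) {
    $findings | Format-List
    Write-Warning "$(@($findings).Count) trusted root certificate(s) need review."
} else {
    Write-Output 'No matching root certificates found in the Windows trusted root stores.'
}
```

Firefox keeps its own certificate store, which this script does not inspect. A clean result only means no root matched these two names or carried a local private key.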

Author: Todd Bey

Would you like to protect your organization against emerging threats such as the Komodia example? The first step is to schedule your free security consultation and Security Assessment by emailing .
