The final episode of the expansive Star Wars saga sees the Resistance engage in one last, great battle with what has evolved from the First to the Final Order. Ultimately this battle is representative of the larger scale struggle of the series, the Dark Side vs. the Light Side of the Force, but it also lends itself rather well to an analogy for the opposing forces present in the cybersecurity space. Everyone in our industry, from customer support engineers to CISOs, and all the security admins and enterprise architects in between are our Jedi army. The Sith, on the other hand, are represented by all the malicious actors out there hiding in encrypted traffic, selling stolen credentials and machine identities, and using every attack vector they can to get access to critical systems and data.
In the first two episodes of this blog series, my colleague at nCipher, Juan Asenjo, and I discussed some of the phantom menaces that target machine identities and can threaten an organization’s security. We offered insight into tools and best practices that can help protect against those threats. Juan’s most recent post in the series, “Identity Wars: Episode VIII – The Last Jedi,” outlines how a secure root of trust provided by a hardware security module (HSM) like nShield, acts as the last line of defense for the security of the enterprise, and how an organization can incorporate that strong root of trust into their code-signing processes. In this final blog of our series, I’ll focus on how organizations, and their Jedi armies, can rise to the challenge of protecting their critical machine identities.
THE CASE OF MISTAKEN IDENTITY
Emperor Palpatine, thought to be long defeated, is revealed to be calling the shots once more. Even more surprising is just what he’s been able to accomplish in that forgotten state, including producing a massive fleet of Star Destroyers that will eventually be used in a final push to take over the galaxy once and for all. All of this was made possible because he’d been using a puppet (Snoke) to do his bidding, gather followers and spread his message.
In the world we live in, a mistaken machine identity, or perhaps better put, a compromised machine identity, can be just as dangerous. The difference between Star Wars and the real world is the fact that if a machine identity is compromised and used as an entry point to an enterprise network or used to legitimately sign a piece of malware, it’s going to take more than 120 minutes and some special effects to recover from the damage. In fact, it might even be too late.
The best defense is to be prepared. Be aware. Have visibility into the identities, both human and machine, that are in use in your organization. Ensure that these critical identities are as secure as possible to prevent a compromise from happening in the first place. If a machine identity compromise does happen, have the tools needed to discover and alert you when it does and a plan in place to recover quickly.
A code-signing certificate is a type of machine identity – signing a piece of code legitimizes that code and lets the end user know that it’s safe to install and use. It’s been said that, today, ALL companies are software companies. Even if your organization doesn’t publish applications consumed by your customers, there’s an increasingly likely chance that it employs some developers still writing software. It doesn’t matter whether the software will be packaged and shipped to millions of users, or if it’s only going to be used internally by a few teams in your organization – it must be trusted, and that trust is established using a machine identity. Even better, it originates from, and is secured in an HSM, which provides greater entropy for the initial private key generation and stronger, more secure hardware storage.
When it comes time to actually utilize that machine identity to sign code, the process to check the code-signing certificate out of secure storage needs to be protected as well. The certificate should only be accessible by specified users or build processes, and it should be available only at the time of signing. Once the code has been signed, there should be a clear audit trail providing details about that process. What code was signed? Which user or bot initiated the build? Did it receive the proper approvals beforehand? It’s much easier to answer these questions if you have the tools in place designed to secure the process.
THE FORCE OF THE ECOSYSTEM
If the Jedi are the security experts protecting us from the evils of the dark side of threat actors, then the ecosystem of integrated tools and technologies is the force that supports the efforts of those experts. You should feel confident that you have the industry leaders behind you, building tools that seamlessly connect and make securing the data and machines of the enterprise a little easier. Together, nCipher and Venafi provide the tools needed to securely generate and store machine identities and orchestrate and secure the process by which those identities are automatically renewed, provisioned, and used.
To learn more, join Juan and me for our webinar Beware the dark side, use trusted machines and HSMs to support critical business and may the force be with you.