Losing The Keys To The Castle: Azure Key Breach Should Worry Every Organisation

What is often the most expensive cybersecurity threat to recover from? A breach in the trust infrastructure. Research has shown that it can cost a large company, on average, around £150 million to fix the problem. One of the most significant events happened when RSA had the seed keys for their SecurID tokens stolen. These tokens were key fobs used for two-factor authentication, and the theft meant that the devices could no longer be trusted. As they were often used in highly secure environments, companies had to find every place where a fake device could have been used and revoke access for the existing devices.

The focus here is the loss of trusted signing keys: typically the private key that is used to digitally sign things. In the worst case, this is the private key used to sign trusted software, as in the SolarWinds hack, or to sign digital credentials.

In most single sign-on systems now, we integrate with a Cloud-based authentication system, for example to use Teams or SharePoint. For this, Bob identifies himself with his credentials, such as his username and password and an OTP (One Time Password). The system then has a key pair to digitally sign Bob’s access token and does this either with a MAC-based signature (such as generated from a secret…
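As an added example (not code from the article), here is the MAC-signed token flow the paragraph describes, together with the recovery step the RSA and Azure incidents forced on their victims: once a signing key is known to be compromised, the verifier must refuse every token signed under that key id, and the issuer re-signs under a fresh key. Key ids, key values and claims are constructed for the example.

```python
import base64, hashlib, hmac, json

# Constructed issuer key set: two MAC keys, each named by a "kid" (not real keys).
KEYS = {"key-2023": b"constructed-secret-A-32-bytes-long!!",
        "key-2024": b"constructed-secret-B-32-bytes-long!!"}

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def sign_token(claims: dict, kid: str) -> str:
    """Issue a MAC-signed token (header.payload.tag) under the key named by kid."""
    header = {"alg": "HS256", "kid": kid}
    signing_input = _b64(json.dumps(header).encode()) + "." + _b64(json.dumps(claims).encode())
    tag = hmac.new(KEYS[kid], signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + _b64(tag)

def verify_token(token: str, revoked: set, now: int):
    """Return the claims only if the MAC checks under a trusted, non-revoked key; else None."""
    try:
        h64, p64, t64 = token.split(".")
        header = json.loads(_unb64(h64))
        kid = header.get("kid")
        if header.get("alg") != "HS256" or kid not in KEYS or kid in revoked:
            return None                      # unknown, downgraded or revoked key: no trust
        expected = hmac.new(KEYS[kid], f"{h64}.{p64}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, _unb64(t64)):
            return None                      # tampered payload or tag made with another key
        claims = json.loads(_unb64(p64))
        return claims if claims.get("exp", 0) > now else None
    except (ValueError, KeyError):
        return None

def demo(now: int = 1_700_000_000) -> dict:
    """Issue -> verify -> revoke the leaked key -> re-issue; returns each outcome."""
    revoked = set()                           # key ids the issuer has stopped trusting
    bob = {"sub": "bob", "exp": now + 3600}
    old = sign_token(bob, "key-2023")
    h64, _, t64 = old.split(".")              # same header and tag, swapped payload
    forged = h64 + "." + _b64(json.dumps({"sub": "admin", "exp": now + 3600}).encode()) + "." + t64
    results = {"valid_before": verify_token(old, revoked, now) is not None,
               "forged_payload": verify_token(forged, revoked, now) is not None}
    revoked.add("key-2023")                   # issuer learns key-2023 leaked: stop trusting it
    new = sign_token(bob, "key-2024")         # re-issue Bob's token under a fresh key
    results["old_after_revoke"] = verify_token(old, revoked, now) is not None
    results["new_after_revoke"] = verify_token(new, revoked, now) is not None
    return results
```

The point of the revocation set is that every token still in circulation under the compromised key id dies at once, which is the same "find and revoke everything that trusted it" clean-up the article describes for the SecurID seeds.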


Prof Bill Buchanan OBE FRSE
ASecuritySite: When Bob Met Alice

Professor of Cryptography. Serial innovator. Believer in fairness, justice & freedom. Based in Edinburgh. Old World Breaker. New World Creator. Building trust.