Maksim Kabakou - Fotolia

How can an HTTPS session get hijacked with the Forbidden attack?

An HTTPS session with a reused nonce is vulnerable to the Forbidden attack. Expert Nick Lewis explains how the attack works, and how to properly secure HTTPS-authenticated sites.

Dozens of HTTPS-protected websites owned by Visa, as well as servers belonging to other financial entities, have...

been found to be vulnerable to what's called the Forbidden attack. Hackers can inject malicious code into users' browsers, using a flaw stemming from improper TLS implementation. What is the Forbidden attack and how does it work? How can organizations ensure that HTTPS-authenticated sites are properly secured?

cryptography is difficult for even the most sophisticated enterprises and requires ongoing diligence to ensure it is used consistently and correctly across an enterprise. Sometimes there is even a basic lack of awareness in software developers and enterprises of the severity and importance of using cryptography correctly. Security researchers Hanno Böck, Aaron Zauner, Sean Devlin, Juraj Somorovsky and Philipp Jovanovic wrote a paper, did a presentation at Black Hat 2016 and wrote a proof-of-concept tool to raise awareness about the Forbidden attack. The Forbidden attack becomes possible when a nonce is reused to establish an HTTPS session, for a server using AES-GCM for encryption. The nonce is reused by software developers who don't understand the difficulties in generating random 8-byte values. This nonce is supposed to be used for setting up the encrypted connection. Reusing the nonce allows a man-in-the-middle attack where an attacker could take control of the HTTPS session or modify data.

An enterprise could detect an insecure configuration of HTTPS session settings on sites by using a vulnerability scanner, SSL Scanner or a dedicated HTTPS scanner like masscan, which is mentioned in the research paper and includes configuration checks for HTTPS session settings. Systems running software vulnerable to the Forbidden attack would need to install a patch and if a patch is not available, notify the software vendor to request a patch. Insecure settings would need to be triaged like other vulnerabilities, in terms of prioritizing resources to fix the vulnerability. Given the difficulties with configuring the multitude of HTTPS settings, having an enterprise standard will help in the remediation of these vulnerabilities, where a system admin can just use the standard configuration settings and not need to figure them out individually. To help with creating these enterprise configuration standards, industry standards bodies can give more detailed guidance on how to develop software to meet their standards.

Ask the Expert: Have a question about enterprise threats? Send it via email today. (All questions are anonymous.)

Next Steps

Learn how to fix Windows Server SSL/TLS security flaws

Find out how to secure Gmail accounts from BREACH attacks

Read about the pros and cons of mass scanning of the internet

This was last published in October 2016

Dig Deeper on Application attacks (buffer overflows, cross-site scripting)