Re: Recent HSM breaches

geraldjoyce312 · ‎08-27-2021

I have been looking on the web for news and background on any recent HSM breaches. I haven't found anything less than about three years old. Would anyone know of a resource I could look at to gather information? I am interested in researching the cause of the breaches, whether they be hardware tampering, a code vulnerability, misconfiguration, placed in the wrong security zone with the wrong security controls, etc. Any information would be greatly appreciated.

Caute_cautim · ‎08-29-2021

@geraldjoyce312 The fact is HSMs are used for all sorts of Financial Institutions around the world, for regulatory requirements etc. The fact is many vendors would not like this type of information to be available in the public realm - bad for business and reputation, trust etc.

Based on this link: https://searchsecurity.techtarget.com/tip/What-are-the-biggest-hardware-security-threats

You can perceive some of the issues from going from manual to automation processes in terms of assurance, balanced carefully in terms of mandated regulation, especially in the payment and transaction space.

Or even using Cloud based HSMs. I once saw one situation, where by the management interface was actually left exposed on the same public VLAN, which caused some internal issues for the organisation involved, especially as the client actually found it themselves and were actively using the services to use Cloud based HSMs, using a mobile device. It was solved very quickly indeed as you can imagine.