BlastRADIUS Vulnerability Threatens Corporate Networks and Cloud – InkBridge Networks Guides Organizations Through the Fix
July 09 2024 - 8:00AM
Business Wire
The BlastRADIUS vulnerability announced July 9 by cybersecurity
researchers involves the RADIUS protocol which underlies most
network connections worldwide. When the researchers discovered this
critical vulnerability, their first call was to Alan DeKok, CEO of
InkBridge Networks and the foremost expert on network
authentication and RADIUS.
“The BlastRADIUS vulnerability has far-reaching implications. We
believe that Internet service providers, businesses, and many cloud
service providers are affected by this issue. Everyone who runs
enterprise or ISP networks should be concerned,” explains
DeKok.
The upgrade needed to resolve this exposure is specific to each
vendor of RADIUS servers. DeKok and the team at InkBridge Networks
have released a new version of FreeRADIUS to address this issue,
which is available at
https://inkbridgenetworks.com/blastradius.
The computer networks of most companies
worldwide are exposed to the BlastRADIUS vulnerability. If this
vulnerability is not corrected, unauthorized users could gain
access to the network at the highest levels of authority.
Organizations should act swiftly to resolve this threat.
“The problem is a design flaw in the RADIUS protocol, and is not
limited to equipment from one vendor. In order to address this
critical security issue, network technicians will have to install a
firmware upgrade and reconfigure essentially every switch, router,
GGSN, BNG, and VPN concentrator around the world,” says DeKok. “We
expect to see a lot of talk and activity related to RADIUS security
in the next few weeks.”
- For businesses, universities, cloud service providers and
Internet service providers using RADIUS, this issue must be
addressed in order to secure network access.
- For individuals using the Internet from home, this
security vulnerability must be resolved by their Internet service
provider.
The vulnerability affects systems using the RADIUS protocol, a
communications procedure that underpins authenticated network
access. When a user logs in to a local network using a username and
password, likely the RADIUS protocol is involved in that
information exchange. RADIUS servers are a foundation layer for
securing corporate and ISP networks.
“You lock your office doors to protect business assets, but
without RADIUS authenticated users, everyone has open access to
your network, and no keys are required. Talk to your IT department,
network admins, system administrators and security team about
protecting your data,” says DeKok. “The discovery of the
BlastRADIUS issue means that network technicians need to upgrade
essentially all of the devices involved in network security,
identity, and authentication.”
How to fix the BlastRADIUS vulnerability
- We have released a new version of FreeRADIUS
(https://freeradius.org) to address this issue. DeKok is one of the
founders of the FreeRADIUS project, the leading RADIUS server, and
the product behind most cloud identity companies.
- Firmware updates to protect networking devices against
the BlastRADIUS vulnerability are available from the vendor of your
networking equipment.
- DeKok and InkBridge Networks will host a webinar on
Tuesday, July 9th 2024 at 9:00 AM (EDT) to discuss the implications
and solutions to BlastRADIUS. Sign up here to attend or receive the
recording.
- A second webinar will be hosted later in the day Tuesday, July
9th 2024 at 14:00 (EDT). Sign up here to attend or receive the
recording.
- For background about the BlastRADIUS vulnerability and
the solution, visit the BlastRADIUS information page here
https://inkbridgenetworks.com/blastradius/faq.
- InkBridge Networks offers documentation and an audit service
that will assess a system’s exposure to BlastRADIUS and other
network infrastructure issues. Review those options here:
https://inkbridgenetworks.com/blastradius.
About InkBridge
InkBridge Networks engineers, supports, and installs
foundational network solutions for authentication and network
security. The core team at InkBridge Networks founded and continues
to maintain the open-source FreeRADIUS Project, the world’s most
popular RADIUS server, supporting 100s of millions of users every
day.
Formerly known as Network RADIUS, the company has an
international team of network access architects and engineers with
decades of experience providing complex, low-risk network
solutions, including RADIUS, DHCPv4, DHCPv6, TACACS+, and DNS.
InkBridge Networks provides solutions engineering, support
packages, consulting, and training optimized for mid-size to large
enterprises, Internet service providers and universities. InkBridge
products are used by OEM vendors as the basis for nearly all
available RADIUS solutions.
View source
version on businesswire.com: https://www.businesswire.com/news/home/20240709244097/en/
Jana Sedivy InkBridge Networks jana.sedivy@inkbridgenetworks.com
InkBridgeNetworks.com