Sunday, March 24, 2024

How To Improve Your Code Signing Process: 6 Golden Tips

 


With the advent of AI, one of the biggest issues that face all businesses and individuals alike is making sure that whatever receive is actually legitimate.  This could be in the form of an Email, phone call, or even a legitimate piece of mail. 

With all of the advances that are taking place, especially in that of Generative AI, creating illegitimate content that looks real, but is phony is very hard to discern.  For example, as this next Presidential Election cycle comes up in jut a matter of months, the issue of Deepfakes will come about.

This is where the Cyberattacker will try to create a video impersonating one of the candidates, which will look like the real thing.  From here, the video will then prompt you to a fake site, which will ask you to enter your username and password, which then the Cyberattacker will collect. 

More than likely, you will also be prompted to make a donation of sorts, but that money, once submitted will be sent over to a phony bank account, never being able to be recovered again.

Another example of this, is the source code that software developers use in order to create web based applications.  Very often in this regard, open-source APIs are used to help create and deliver the project quicker to the client. 

But the problem here is that the libraries and repositories that host them don’t keep them updated, or even replace them when newer or updated versions of the same APIs come out.

To help alleviate this problem, a procedure called “Code Signing” is used.  This can be technically defined as follows:

Code signing is the process of applying a digital signature to a software binary or file. This digital signature validates the identity of the software author or publisher and verifies that the file has not been altered or tampered with since it was signed. Code signing is an indicator to the software recipient that the code can be trusted, and it plays a pivotal role in combating malicious attempts to compromise systems or data.”

(SOURCE:  https://www.digicert.com/faq/code-signing-trust/what-is-code-signing)

Put in simpler terms, this is a more sophisticated way of confirming that the source code (or piece of it) that you receive is actually legitimate coming from the real source.  But this too has been wrought with difficulties, with the recent Solar Winds hack.  In extra effort here as well, he Certificate Authority/Browser , also known as the “CA/B” Forum launched a new set of guidelines for maintaining code-signing certificates.  More information about this can be seen at the link below:

http://cyberresources.solutions/blogs/Code_Signing.pdf

But apart from what is also available, there are a certain number of steps that you and your IT Security team should take as an extra, proactive step.  Here are some suggested guidelines:

1)     Secure the Keys:

Although this option is available for both On Premises and Cloud based deployments, it is far more efficient if you have the latter.  For example, Microsoft Azure has specific vaults that you can create and deploy for this very purpose.

2)     Access Control:

The use of Role Based Access Control, also known as “RBAC” is very important here.  For example, you would give a Network Administrator control to maintain the servers at your business, but you would not give these to your administrative assistant.  So therefore, the Code Signing Process should be only limited to those individuals that are intimately involved in the creation of the source code.  Further, all of the rights, permissions, and privileges that you give them, must be monitored closely.  All of this falls into an area which is known as Privileged Access Management (PAM), and will be examined in a future blog.

3)     Implement a Rotation Schedule:

As the name suggests, you should never ever use the same Code Signing Key over and over again.  The best practices here would mandate that for each source code release that you make, a new set of Keys has to be created.  If even one Key is compromised, all subsequent releases associated with that Key will also be affected.

4)     Have Time Stamps:

For each source code release, the Code Signing Key must have a time stamp to it, and have the sender notify of you when it has been sent.  Anything that has a long-time interval should be a big red flag, as this could indicate the source code could have been altered maliciously.

5)     Check the Integrity:

Always check the integrity of the Code Signatures.  If there was more than one that is required, have each software confirm the validity of it before it is released.

6)     Keep it simple:

Whatever methodology you make use of for your Code Signing Procedures, make sure you keep it simple, so that not only will it be quick to deploy but whatever security policies you use to keep it safe will also be easily enforced.  Just as important, make sure that you keep this process centralized, so that whoever from the IT Security team will be managing this will have clear transparency into it. 

My Thoughts On This:

Other key factors that need to be taken into consideration include the following:

*Mapping Policies

*The type of Certificate Authority that you want to make use of

*A defined approval process

*Setting up expiry dates for the Code Signing Keys

*The kinds of Cryptographic Algorithms you want to use

Also keep in mind that the police and procedures that you have in place will need to be evaluated and updated on a regular basis, as the Cyber Threat Landscape keeps changing and becoming more complex.

No comments:

Post a Comment

How To Launch A Better Penetration Test In 2025: 4 Golden Tips

  In my past 16+ years as a tech writer, one of the themes that I have written a lot about is Penetration Testing.   I have written man blog...