This worrying cyberattack targets one of the key protocols propping up the whole internet

If your hardware still uses RADIUS, you need to read this

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Different devices, all over the internet, could be vulnerable to endpoint takeover, due to running a decades-oldencryptionprotocol, experts have warned.

Academic researchers Sharon Goldberg, Miro Haller, Nadia Heninger, Mike Milano, Dan Shumow, Marc Stevens, and Adam Suhl recently published a paper detailing how multiple devices, including industrial controllers, telecommunications services, and others, built by 90 different vendors, still operate on Remote Authentication Dial-In User Service, or RADIUS for short, which was first introduced back in 1991.

RADIUS is a networking protocol that provides centralized Authentication, Authorization, and Accounting (AAA) management for users who connect and use a network service. It was developed to authenticate remote users and grant them access to the network while ensuring that their actions are logged and monitored.

MD5 woes

MD5 woes

When a user tries to connect to a network, a request is sent to a RADIUS server, which verifies their identity by checking their credentials, such as a username and password, against a database. If the credentials are correct, the RADIUS server authorizes the user to access the network and specifies the level of access granted. It also keeps a record of the user’s activity, including the duration of their session and the resources they accessed.

Despite being decades old, RADIUS is still used for VPN access, DSL and Fiber, Wi-Fi and 802.1X authentication, 2G and 3G roaming, 5G Data Network Name authentication, mobile data offloading, and more.

“The core of the RADIUS protocol predates modern secure cryptographic design,” the researchers said in the paper. “Surprisingly, in the two decades since Wang et al. demonstrated an MD5 hash collision in 2004, RADIUS has not been updated to remove MD5. In fact, RADIUS appears to have received notably little security analysis given its ubiquity in modern networks.”

MD5 was a widely used cryptographic hash function, but over time it was found to be flawed, which is why since 2012 it was being phased out.

Are you a pro? Subscribe to our newsletter

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Now, the researchers are saying that many of the 90 vendors have already implemented short-term fixes and are currently working on long-term solutions.

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Cisco issues patch to fix serious flaw allowing possible industrial systems takeover

Washington state court systems taken offline following cyberattack

Another reason to avoid edge-lit 4K TVs: they may fail faster than others, according to this report