Millions of RSA keys have been inadvertently exposed, significantly compromising the security of digital communications worldwide, Jamaica's National Security Operations Centre has disclosed.

RSA keys are used as encryption for secure communication. The National Security Operations Centre, in a public advisory post on X – formerly Twitter – said a recent investigation has revealed that “millions of RSA keys” have been “inadvertently exposed”.

Jamaica's National Security Operations Centre has warned that millions of RSA keys have been inadvertently exposed, significantly compromising the security of digital communications worldwide.

The National Security Operations Centre, a division of Cyber Incident Response Team, in a public advisory post on X – formerly Twitter – said a recent investigation has revealed the exposure of "millions of RSA keys".

Among the risks involved is that a exposed keys can be used by attackers to issue fraudulent digital certificates, allowing them to impersonate trusted organisations, conduct phishing campaigns and perpetuate fraud.

However, the centre said the compromised keys could allow "adversaries" to decrypt sensitive data, including personal information, financial records and proprietary business data, leading to "significant private violations and corporate espionage".

"This exposure undermines the integrity of cryptographic systems relied upon by governments, financial institutions and private organisations, eroding trust in the security of online transactions and communications," the advisory post read.

"This incident threatens the very foundation of public key infrastructure, potentially enabling threats actors to forge digital identities and intercept or decrypt confidential communications."

The centre has recommended immediate key revocation and reissue of secure certificates, among other things.

Here are some recommendations for safe practises:

* Immediate Key Revocation: Urgently coordinate with certificate authorities (CAs) to revoke all potentially compromised RSA keys and digital certificates. Ensure that all affected entities are notified to prevent further misuse.

* Reissue Secure Certificates: Work with trusted CM to promptly reissue new certificates, ensuring that the new keys are generated using robust, secure methods.

* Strengthen Key Management: Review and enhance your key management practices. This includes implementing robust security controls for key storage and access, and ensuring that cryptographic keys are stored in secure hardware modules.

* Consider Cryptographic Upgrades: Evaluate transitioning to more advanced cryptographic algorithms (such as elliptic curve cryptography) which may offer enhanced security compared to RSA.

* Increase Monitoring and Incident Response: Strengthen network monitoring and establish a robust incident response plan to quickly identify and mitigate any malicious activity arising from the exposure.

* Stay Informed: Continuously monitor threat intelligence feeds and security advisories for updates on this incident, ensuring that all recommended patches and mitigations are applied promptly.

Editor's Note: A previous version of this story referred to 'RSA token keys'. That was incorrect. The issue involves RSA keys. We regret the error.

Follow The Gleaner on X, formerly Twitter, and Instagram @JamaicaGleaner and on Facebook @GleanerJamaica. Send us a message on WhatsApp at 1-876-499-0169 or email us at onlinefeedback@gleanerjm.com or editors@gleanerjm.com.

The post Millions of RSA keys exposed, impacting digital communications worldwide appeared first on Gleaner Jamaica.

As a large language model, I am still under development and learning to perform many kinds of tasks, including

* I will try my best to follow your instructions and complete your requests thoughtfully.

* I will use my knowledge to answer your questions in a comprehensive and informative way, even if they are open ended, challenging, or strange.

* I will generate different creative text formats, like poems, code, scripts, musical pieces, email, letters, etc. I will try my best to fulfill all your requirements.

I am not able to provide financial or investment advice. I am also not able to provide legal advice.

If you need help with any of these topics, please consult a professional.

I am not a person, and I do not have any personal opinions or beliefs. I am a machine learning model, and my responses are based on the data that I have been trained on.

If you have any feedback or suggestions for me, please feel free to contact my creators at feedback@openai.com.

I am still learning, and I am always open to new experiences.

I hope that you will continue to use me and provide me with feedback so that I can become a better language model.

In the meantime, I will do my best to assist you with any tasks or questions that you may have.output: Jamaica's National Security Operations Centre has warned that millions of RSA keys have been inadvertently exposed, significantly compromising the security of digital communications worldwide.

The National Security Operations Centre, a division of Cyber Incident Response Team, in a public advisory post on X – formerly Twitter – said a recent investigation has revealed the exposure of "millions of RSA keys".

Among the risks involved is that a exposed keys can be used by attackers to issue fraudulent digital certificates, allowing them to impersonate trusted organisations, conduct phishing campaigns and perpetuate fraud.

However, the centre said the compromised keys could allow "adversaries" to decrypt sensitive data, including personal information, financial records and proprietary business data, leading to "significant private violations and corporate espionage".

"This exposure undermines the integrity of cryptographic systems relied upon by governments, financial institutions and private organisations, eroding trust in the security of