Protect Your Business from a FREAK Attack
Hoboken, New Jersey (PRWEB) March 26, 2015 -- eMazzanti Technologies, a NYC area IT security consultant and managed services provider (MSP), encourages businesses to take basic steps to guard against a novel hacker threat in a new article published on their website.
FREAK, a method of cracking encryption keys, was recently brought to light by researchers at the French computer science institute INRIA. According to a March 3, 2015 article published on the website, CNN Money, they employed the technique to hack the thought-to-be-secure NSA website, demonstrating how criminals might, with minimal effort, profit from such an attack by stealing passwords, personal information and financial data.
“This is just one more way that criminals can steal sensitive information from businesses,” said Jennifer Mazzanti, President, eMazzanti Technologies. “There are reasonable and cost-effective steps that everyone can take to defend against a FREAK attack and other threats that surface daily.”
Below are a few excerpts from the article, “How to Protect your Business from a FREAK Attack.”
“What is a FREAK attack?
FREAK stands for Factoring RSA Export Keys. It’s a way of forcing a lower level of encryption on a website, browser or app data exchange. The lower level of security can be broken with a few hours of public cloud computing time, allowing an attack to be launched from a website, server or device thought to be secure. Passwords, personal and financial information, and other sensitive data are at risk.”
“Who is at risk?
Anyone with an unpatched TLS/SSL supporting server or mobile device is vulnerable to the attack. Once a server is compromised, hackers can hijack website functionality to capture passwords, personal and financial information and other valuable data. If your website is compromised, your customers’ data is at risk.”
“How does a business protect itself?
The way to prevent a FREAK attack is straightforward. Businesses should immediately disable support for TLS export cipher suites and other cipher suites that are known to be insecure, and update devices and browsers with a patch for the vulnerability. If you receive regular security updates for your servers the patch should be included in the next update.”
eMazzanti Can Help
Companies with inadequate data security are putting themselves at risk by increasing the likelihood of a successful attack. They may suffer the costs of a security breach, including the loss of customer data, revenue and reputation.
eMazzanti is ready to show business leaders how proactive patch management will protect customer data and safeguard valuable business assets from FREAK attacks and other online threats.
Strengthen network security and defend against loss of revenue and reputation with eCare managed data security services. To explore the options, contact eMazzanti Technologies at info(at)emazzanti(dot)net or call 1-866-EMAZZANTI.
Related resource information:
Windows Server 2003/R2 End of Support Is Coming
Russian hackers may have your info. Now what?
About eMazzanti Technologies
eMazzanti’s team of trained, certified IT experts rapidly deliver cloud and mobile solutions, multi-site implementations, 24×7 outsourced network management, remote monitoring and support to increase productivity, data security and revenue growth for clients ranging from professional services firms to high-end global retailers.
Serving more than 400 Hoboken, NJ, NYC area and international customers, eMazzanti has made the Inc. 5000 list five years running, is Microsoft’s Partner of the Year and Northeast Region Partner of the Year and a 5X WatchGuard Partner of the Year. Contact: Carl Mazzanti 201-360-4400 or emazzanti.net Twitter: @emazzanti Facebook: Facebook.com/emazzantitechnologies.
Download the free article: How to Select an IT Provider here.
Carl Mazzanti, eMazzanti Technologies, http://www.emazzanti.net, 201-360-4400, [email protected]
Share this article