A recent NSA hack by researchers reveals a new network vulnerability that puts sensitive customer and business data at risk
Recently a new type of hacker threat has come to light. The NSA had their thought-to-be-secure website compromised by researchers employing a FREAK attack to demonstrate how criminals might, with minimal effort, profit from the technique by stealing passwords, personal information and financial data. Hackers, now familiar with the technique, will be looking for susceptible targets.
What is a FREAK attack?
FREAK stands for Factoring RSA Export Keys. It’s a way of forcing a lower level of encryption on a website, browser or app data exchange. The lower level of security can be broken with a few hours of public cloud computing time, allowing an attack to be launched from a website, server or device thought to be secure. Passwords, personal and financial information, and other sensitive data are at risk.
The weakness that a FREAK attack exploits originated in the 1990’s when U.S. Government rules prevented the export of strong encryption technology in a misguided effort to facilitate spying on overseas targets. Compatible software, designed to allow a connection with weaker encryption keys has persisted, largely unnoticed, until the recent attacks prompted researchers to reveal the vulnerability on March 3.
Who is at risk?
Anyone with an unpatched TLS/SSL supporting server or mobile device is vulnerable to the attack. Once a server is compromised, hackers can hijack website functionality to capture passwords, personal and financial information and other valuable data. If your website is compromised, your customers’ data is at risk.
The vulnerability is widespread, up to 5 million websites have the weaker SSL encryption connection technology. The number of actual attacks is unknown. It takes a hacker just a few hours to crack a vulnerable website’s encryption key. Once he has access, malware can be loaded to cause damage or capture sensitive data.
How does a business protect itself?
The way to prevent a FREAK attack is straightforward. Businesses should immediately disable support for TLS export cipher suites and other cipher suites that are known to be insecure, and update devices and browsers with a patch for the vulnerability. If you receive regular security updates for your servers the patch should be included in the next update.
Patches must be applied to have any effect. Proactive patch management, available with eMazzanti’s eCare managed services and accomplished through regular, automated updates, is the best way to guard against a FREAK attack. Our trained and certified IT security experts can help concerned companies evaluate their exposure to FREAK and other online threats with an IT security evaluation.
Organizations can also get more information about susceptible servers and learn if their browser is vulnerable to FREAK at the FREAK Attack
website.
For mobile devices, check with your carrier or manufacturer to see if browser updates are downloaded automatically. This is true for supported Windows 8 devices but not for some other well-known mobile operating systems.
Developers must also update their apps to close all possible avenues of attack. Since a variety of products must be repaired to eliminate the FREAK vulnerability completely, businesses should make sure that all of their business servers, websites and apps have been patched.
Should I do more?
Conscientious patch management should prevent a FREAK attack, but new threats emerge every day. Organizations must develop a security-first mindset and partner with IT security experts to maximize protection.
While hackers may be thought to target primarily large companies, the National Small Business Association recently reported that 44% of companies surveyed had been hacked. Small businesses invest less in security technology than large companies, making them attractive targets.
When choosing the level of protection for their networks and data, companies can opt for greater security, customer satisfaction and peace of mind by partnering with an IT security expert for managed security services, or they can choose to go it alone to implement data security measures.
Businesses should, as a minimum, follow these basic steps to protect their networks and devices from threats:
- Systems and devices must be patched with the latest security updates.
- Firewalls should be configured properly and monitored to detect and thwart online threats effectively.
- Businesses should use advanced firewall technology rather than consumer grade solutions.
Unexpected cyberattacks and other threats can strike at any time. eMazzanti recommends that companies employ the latest advanced security technologies by contracting for managed IT security services.
eMazzanti Can Help
Companies with inadequate data security are putting themselves at risk by increasing the likelihood of a successful attack. They may suffer the costs of a security breach, including the loss of customer data, revenue and reputation.
eMazzanti is ready to show business leaders how proactive patch management will protect customer data and safeguard valuable business assets from FREAK attacks and other online threats.
Strengthen network security and defend your business from loss of revenue and reputation with eCare managed data security services. To explore the options, contact eMazzanti Technologies at [email protected] or call 1-866-EMAZZANTI.