LogJam Is The New HeartBleed… ATM Theft Is Out Of Control
Cybercrime is Soaring – The Need For Qualified Security Providers is Great!
If you’re looking for the big technology growth areas – security is it.
Did you read the Wall Street Journal Yesterday? Several important articles. First, you’ll want to know what LogJam is. This SSL vulnerability is a result of the US 1990’s export restrictions on encryption. US Law limited encryption codes that could be generated by “international versions” of US-made software, mainly web browser applications.
These restrictions no longer exist, however the SSL weakness comes from something called a Diffie-Hellman key exchange, allowing a website to be compromised by a “man-in-the-middle” attack. From my reading, this approach may have been used by the NSA in monitoring communications between some foreign countries – but could also be used to attack companies you work with.
The patch is coming – but the experts expect about 20 thousand websites will no longer be visible online once the patch is in.
Second, the ATM Crisis Is Mounting.
Two important soundbites were published yesterday on ATM security. (1) Non-bank ATM skimming has grown over 350% in the past year. Bank-owned ATMs saw more than 170% growth. Between camera technology and skimmers mounted on the fronts of the ATM machines, our cards are being stolen at an alarming rate. (2) While banks are scrambling to convert to chip and pin cards with merchants, ATMs will likely be vulnerable for at least another year.
While this might not be something your company deals with – small business owners should be aware that, while personal accounts are often covered when someone does gain access to their account, small business accounts may not be.
We covered this in detail in my recent SVLC Insider’s Circle Interview with John Sileo – ID Theft Expert. If you don’t have John’s interview recording, you can join the Insider’s Circle and I’ll send you a copy of the interview (Read More Here).
Other recent articles talked about the urgency for businesses to move toward cloud and digitalization, and Google’s new approach to security. It’s all coming together – but in order to be in the game, your company will need to ramp up in certain areas. This is not managed services as you know it, and it’s not firewalls and firewall management either.
© 2015, David Stelzl