April 8, 2015

Share Everywhere

Have You Heard About the FREAK Attack?

Discovered in March 2015, the FREAK (Factoring RSA Export Keys) bug presents the latest security threat to computers and mobile devices. Although companies like Microsoft and Apple are working to address potential security breach issues, the bug is proving more widespread than experts first thought.

During a FREAK attack, a hacker can change the network traffic between you and a destination server, reports security research firm Sophos. That means the attacker can trick a server into using a much weaker form of encryption when you’re online, opening you up to a potential security breach. A FREAK attack might occur when you’re doing online banking, for example, or checking a web-based email account.

The bug doesn’t play favorites, either. It can affect both Windows and Mac users, as well as mobile devices that use Android or iOS.

Security breach concerns related to FREAK caused Australia to shut down its online voting system, after determining that tens of thousands of votes may have been manipulated. Microsoft also issued a warning that millions of people might be at risk of losing data, since the bug could be used to spy on information passing between web servers and web users.

Getting to Lockdown

The security breach possibilities are so great that major technology providers have been aggressive in putting together security patches that address FREAK. Microsoft, Apple, Google and Cisco have all issued security updates. Apple even created a fix for its Apple Watch, which isn’t being released until later this month.

For everyday users, these actions are happening largely behind the scenes — unless you’re the type who enjoys tweaking security settings on your computer and smartphone.

But we can all take one major action to protect against a security breach: Always install security updates that come from reputable manufacturers like Microsoft and Apple. Security researchers at these companies are constantly creating new defenses against bugs and viruses. If you don’t keep your computer or device updated with these fixes, however, they won’t do much to help you.

The FREAK bug is only the latest security breach issue, and it will be far from the last to make the news. As the pace of data breaches increases, identity theft will loom large, as these security holes can be used to steal personal and financial information. So be sure to check your bank account and credit card statement regularly.

In addition, consider adding another layer of protection by enrolling in IdentityForce’s UltraSecure+Credit. Your personal information will be monitored 24/7, and you will receive rapid notification of any suspicious activity. If anything does happen, IdentityForce will be with you every step of the way, so you can quickly restore your identity.

David Rabinovitz

Identity Protection Consultant at IdentityForce
David is aligned closely with c-level principals and provides them with coaching services focused on strategy, finance, ownership, deal structuring, and shareholder relationships, which led him to join one of his high-growth clients as their CFO. As a high-energy executive with a wealth of experience, David is a versatile corporate “fireman” who skills are often sought after to assess and resolve complex business challenges, as he brings critical insight for business leaders in transition.He is also a long-standing Special Crew Volunteer for Pan-Mass Challenge, an annual cycling fundraiser that strives to provide Dana-Farber's doctors and researchers the necessary resources to discover cures for all types of cancer.