Protective steps to help avoid a Logjam attack

David Pollino
Posted by David Pollino
Security

The Internet vulnerability known as Logjam is 20 years old, but that doesn’t mean you should consider it yesterday’s news.

Two men in front of business servers, inspecting a technical equipment item.Researchers from several organizations — including the University of Michigan and French research institute INRIA — have found that hackers could use a type of Logjam attack to decipher private information on about 7% of the top 1 million websites. Through such an attack, cybercriminals could see private communications or payment information that has been encrypted. For more details, Phys.org has an easy-to-understand technical explanation of the vulnerability.

For business owners and consumers, there are a few steps you can take to protect yourself, your business, your customers, and business partners.

(At Bank of the West, we have updated our security monitoring systems to detect suspicious activity related to this vulnerability. And we are encouraging our users to update their browsers to a version not vulnerable to this attack — see below for more detail.)

If you’re a business owner, and your business runs a server:

If you have a Web server or a mail server, you should disable support for export cipher suites and generate a unique 2048-bit Diffie-Hellman group. For a detailed explanation of steps to help protect your servers, read this “Guide to Deploying Diffie-Hellman for TLS.”

If you use a browser or you have employees who use a browser at work:

Make sure your computers are using the most current version of your browser, whether you use Microsoft Internet Explorer, Mozilla Firefox, Apple Safari, or Google Chrome. Check for updates frequently.

Have questions or suggestions about Logjam? Post questions or thoughts in the comments section, and I’ll respond.

Reminder: All comments are moderated prior to publication and must follow our Community Guidelines.

  • Anonymous says:

    Thank you, I have just been searching for information approximately this subject for ages and yours is the best I have came upon till now. But, what concerning the conclusion? Are you certain in regards to the supply? kefdekekfgedgged

    Reply | 5 years ago

Submit an Idea

[contact-form-7 id="32" title="Share An Idea"]

You are leaving the Bank of the West Change Matters site. Please be aware: The website you are about to enter is not operated by Bank of the West. Bank of the West does not endorse the content of this website and makes no warranty as to the accuracy of content or functionality of this website. The privacy and security policies of the site may differ from those practiced by Bank of the West. To proceed to this website, click OK, or hit Cancel to remain on the Bank of the West Change Matters site.