Share this on:
 E-mail
23
VIEWS
0
COMMENTS
 
SHARES
About this iReport
  • Not verified by CNN

  • Click to view NewYorkPI's profile
    Posted April 1, 2014 by
    NewYorkPI
    Location
    New York, New York
    Assignment
    Assignment
    This iReport is part of an assignment:
    Tech talk

    Bo Dietl Recent News

     
    Bo Dietl gives us some of his thoughts on how hackers steal credit cards, and how you can protect yourself and your loved ones from being a victim. Bo also tells us how we can secure our (Wordpress) websites to help prevent hackers from stealing our personal information.

    Bo Dietl On How to Prevent Hacking:

    With e-commerce sales in the billions, e-commerce web sites make a great target for hackers to steal credit cards, and try to be anonymous and not get caught. While the companies that host e-commerce sites and process their credit cards provide SSL certificates, tokenization, encryption and firewalls, it is not enough to prevent a hacker from stealing credit cards.

    You can have the best security available on the hosting and processing side of an e-commerce transaction, but if the actual website from where you shop is not secure it's meaningless, ITS LIKE BOLTING YOUR BEDROOM DOOR AND WINDOWS AND LEAVING THE FRONT DOOR TO YOUR HOUSE OPEN. Both the hosting company and the credit card processing company want to make sure your credit card is secure on their side of the transaction to protect them from the liabilities associated with credit card theft. The problem arises when you are shopping at a website that's not secure, making your selections and proceeding to the check out; at this point it's too late, and the hacker has all he needs to steal your credit card and personal information.

    Websites are created with different types of application software and they all have the same type of security issue, which is keeping up to date with security patches for their website. When a security advisory is issued, it is sometimes weeks, or even months, before the security patch is released to correct the vulnerability. Even if you are very diligent and keep up with this tedious process, it stills leaves open this critical window of time between issuance of the advisory and the security patch, which is the most opportune time for the hacker to attack.


    Prime time for the hacker - As the security advisory is issued, the hacker can perform a simple Google query and get a list of all the websites that are effected by this new vulnerability. At this point, it does not matter what type of firewalls you have in place, SSL certificates or tokenization & encryption; the hacker can steal credit cards from the website.

    WordPress is the most popular type of website application software, with over 75 million sites currently, and adding almost 150,000 new websites each day. Being the most popular website also makes it the most attractive to the hacker. WordPress has over 23,000 plugins and themes available and issues over 2,000 security advisories each month.

    Bo Dietl's Advanced Cyber Security is an expert in WordPress security, and has proprietary technology that can keep a WordPress website safe in the critical time between the vulnerability advisory, and the weeks or months until the release of a security patch. The WP Cyber Security Shield is automatically updated at the time of the security advisory which looks at what type of vulnerability is being reported, and sends code to your WordPress website to block that type of attack while you are waiting for a new security patch to be released.

    THE WP CYBER SECURITY SHIELD CAN PROTECT YOUR WEBSITE EVEN IF YOU FORGET TO UPDATE YOUR PLUGINS. The need for up-dating websites is constant and ongoing, and for that reason 90% of all websites contain outdated plugins which are vulnerable to attack. By using unique algorithms, THE WP Cyber Security Shield is able to look at the outdated plugins, index against security advisories and block the attack vectors from which the outdated plugins are vulnerable. This same concern is true with Doctor's offices who have websites and must remain HIPPA compliant. The methodology used by a hacker to steal credit cards is the same to steal patient information.

    Another easy access method for a hacker is to inject code into a blog site. Most companies neglect their blog site as it runs on a different network than the core business, which is a big mistake. Most blog sites are WordPress and require the same security as an e-commerce site to protect a consumer. As suspected in the Target hack, it is thought that a Target employee may have gone to an infected website, which enabled the hacker to gain access to the employee's computer, and eventually gain access to network credentials.

    The WP Cyber Security Shield can protect a WordPress website from attacks that can lead to credit card theft, taking over the computer of a person who is visiting a site, or in the case of a Doctor's office, theft of patient information.


    Bo Dietl's Advanced Cyber Security offers free unlimited web scanning of WordPress websites.

    What do you think of this story?

    Select one of the options below. Your feedback will help tell CNN producers what to do with this iReport. If you'd like, you can explain your choice in the comments below.
    Be and editor! Choose an option below:
      Awesome! Put this on TV! Almost! Needs work. This submission violates iReport's community guidelines.

    Comments

    Log in to comment

    iReport welcomes a lively discussion, so comments on iReports are not pre-screened before they post. See the iReport community guidelines for details about content that is not welcome on iReport.

    Add your Story Add your Story