dinCloud chief security officer Garret Grajek was quoted in a recent SearchSecurity article that elaborated on the use of fake SSL certificates following news that GoGo, an in-flight Internet provider, was issuing them to customers. The news brought up security concerns around what are deemed man-in-the-middle attacks. Grajek explained he believes user education must improve to avoid potential attacks via fake SSL certificates as users become more aware of on-site warnings from their browsers.
In the article, Grajek says, “We have seen man-in-the-middle attacks for years – there is no reason to suspect these attacks to lessen despite the ominous warnings the browser manufacturers have put in place concerning ‘invalid server certificate’…Hackers count on most (or some percentage) of users to just ‘click through.’”
To learn more about these attacks, read Grajek’s latest blog on the topic, or read the complete article online fromSearchSecurity.