Data that flows through the internet is, under normal conditions, encrypted by SSL/TLS, which is what makes everyday internet use safe and secure. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs). However, in recent times, attackers have been exploiting a flaw known as the Heartbleed Bug in popular versions of the OpenSSL cryptographic software library to defeat this encryption. The Heartbleed Bug allows attackers to access names, passwords and data content.
Whilst most of the popular internet services such as Facebook, Gmail, Yahoo, Instagram and YouTube have patched their systems against the Heartbleed Bug, many versions of the OpenSSL software remain vulnerable to attack, and these are often the ones businesses use to protect their servers.
How big is the risk?
When the Bug was first disclosed on 7 April 2014, around half a million (17%) of the Internet’s secure web servers certified by trusted authorities were believed to be compromised. Unauthorised access to servers’ private keys, users’ session cookies and passwords was being gained with the use of the Bug.
How does it work?
The Bug in OpenSSL is exploited by first making an encrypted (TLS) connection to the vulnerable server. A heartbeat request is then sent; its normal purpose is simply to tell the server to keep the connection alive, but instead of carrying real data it is crafted to make the server answer with more than it should. Data is then streamed off the server, hence the name “heartbleed”, until some interesting data fragments are spotted.
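To make the mechanism concrete, here is an added Python model of a server's heartbeat handler (example code written for this post, not OpenSSL's source): the unchecked version trusts the payload length the request claims, while the checked version enforces the kind of bounds check the patched OpenSSL releases apply. The record layout, the `ADJACENT_MEMORY` buffer and the request contents are all constructed for the demonstration.

```python
import struct
from typing import Optional

# Constructed stand-in for whatever happens to sit after the heartbeat
# record in the server's memory: a session cookie and a password fragment.
ADJACENT_MEMORY = b"session=abc123; password=hunter2; " + b"\x00" * 32

HEADER_LEN = 3    # type (1 byte) + payload_length (2 bytes)
PADDING_LEN = 16  # minimum padding a heartbeat record must carry


def build_heartbeat(payload: bytes, claimed_length: int) -> bytes:
    """Encode a heartbeat request: type | payload_length | payload | padding.
    claimed_length may differ from len(payload); a well-formed client
    always sets them equal, which is exactly what the Bug relies on."""
    return struct.pack("!BH", 1, claimed_length) + payload + b"\x00" * PADDING_LEN


def heartbeat_response_unchecked(record: bytes) -> bytes:
    """Model of the pre-patch handler: copies payload_length bytes starting
    at the payload, without checking that many bytes were actually received.
    Anything beyond the record is read out of adjacent server memory."""
    _hb_type, payload_length = struct.unpack("!BH", record[:HEADER_LEN])
    memory_view = record + ADJACENT_MEMORY
    return memory_view[HEADER_LEN:HEADER_LEN + payload_length]


def heartbeat_response_checked(record: bytes) -> Optional[bytes]:
    """Model of the patched handler: silently discard any request whose
    claimed payload length does not fit inside the record received."""
    if len(record) < HEADER_LEN + PADDING_LEN:
        return None
    _hb_type, payload_length = struct.unpack("!BH", record[:HEADER_LEN])
    if HEADER_LEN + payload_length + PADDING_LEN > len(record):
        return None  # claimed length exceeds the record: drop it
    return record[HEADER_LEN:HEADER_LEN + payload_length]


if __name__ == "__main__":
    honest = build_heartbeat(b"ping", 4)       # claimed length matches
    malformed = build_heartbeat(b"ping", 60)   # claims 60 bytes, sends 4
    print(heartbeat_response_unchecked(honest))
    print(heartbeat_response_unchecked(malformed))  # includes password=hunter2
    print(heartbeat_response_checked(malformed))    # None: request dropped
```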
What should I do?
You may be tempted to change all the passwords you use for email and websites, but it may be a fruitless exercise if your server is already compromised.
The first port of call should therefore be to get an expert to check and assess the SSL/TLS used to protect your server. The process can indicate whether or not your server is susceptible to the Bug (or whether your server is already “infected” and sensitive data is being bled out).
Further, to be better protected now and in future, we recommend you implement a 2-step authentication process to increase password/access security. See my article
http://www.onsitehelper.com/blog/99-2-step-authentication for further information.
The 2-step authentication process will protect you against the Bug for any services you use, as an additional set of passwords is required for access; these are not streamed through the internet and are updated upon each access.
Onsite Helper is offering a free consultation this week for any businesses that would like to discuss their risk from the Heartbleed Bug (and any other security concerns). We can implement the fixes and improve security on your network if required for a competitive quote.
For more information about the Heartbleed Bug take a look at http://heartbleed.com/
To check if your server, or someone else’s server you log in to, is at risk, perform a check on this site: https://filippo.io/Heartbleed/