Heartbleed: A Security Problem That Can Pose a Risk
Heartbleed: A Security Problem That Can Pose a Risk
A virus bug known as Heartbleed is becoming a nightmare for cyber security in recent times. Websites all over the world are facing problems on a large scale. Internet users are wondering if the password can be changed to prevent unauthorized access to email accounts and other sensitive information. Heartbleed uses an encryption technology that protects online accounts for numerous ecommerce ventures and online communication portals. Cyber security firms are scrambling to handle this latest emergency. Virus bugs can impact corporate productivity in a very negative manner. It remains to be seen whether hackers have taken advantage of this virus and accessed personal information before it was discovered. The threat was discovered by a Finnish security firm and a Google Inc. researcher.
The Canada Revenue Agency closed public access to their website citing the threat posed by this virus. The lockdown was in keeping with the security precautions taken by leading websites in other parts of the world. The US Internal Revenue Service indicated that it was not affected by the virus. Assurances were also provided by a US tax preparation software site, Turbo Tax that it was now guarded against the Heartbleed virus. Many cyber experts are encouraging the users to change their online passwords. Security analysis software designers are also wary about letting people ignore the risk of this bug. Google has advised Gmail users to retain their passwords because it is confident that the virus has not accessed their system. This is interesting because Google currently has over 420 million users.
Facebook has 1.2 billion users and it has also indicated that people need not worry about the Heartbleed virus. FB has however been encouraging their users to set up unique passwords for their account so that they cannot be accessed. Twitter and Amazon have also indicated that their websites were not accessed by Heartbleed in any way. Ebay Inc. has assured its shoppers that most of their services avoided the virus. Changing passwords on online services and websites are only part of the solution. The trouble shooting software is a more important for solving problems such as these. The bug has had a widespread impact though its effect in countries such as India is limited.
Yahoo Inc. and Google were the most vigilant when it came to issuing security alerts and insulating their websites and systems from this virus bug. Yahoo has also made a series of repairs to its services such as its home page, email, finance and support sections and search engine. Flickr photo-sharing and TumbIr are the chief services on Yahoo which were protected against the virus. Google has said it applied the Heartbleed patch on search engines, Gmail, YouTube and apps. Yahoo has also issued a notification that users should be able to rotate passwords and add a backup mobile number to the account as well. The number can also verify the user’s identity in case hackers can access the account through this bug.
Heartbleed works through encryption technology marked by a closed padlock and it makes users feel that traffic is secure. Through this flaw, the hackers can then spy on internet traffic even if the padlock has been closed. The keys for deciphering the encrypted data without letting owners know that their websites have been infiltrated is a major subterfuge for hackers and unauthorized interlopers. This virus affects only a variant of SSL/TLS known as Open SSL which is common on the internet.
Nearly 75% of website servers use Open SSL and this means that the information reached through numerous websites is vulnerable to unauthorized access despite being encrypted. Open SSL is most commonly used for emails and chats. It is also very popular for virtual private networks. This is the reason why Heartbleed has become a cause for heartache in the past few weeks. If you want to protect confidential and sensitive information from the eyes of unauthorized users, Heartbleed can be a massive headache.
Heartbleed has become a huge piece of news because it provided a clue as to the weakness in encryption during the time when major players like Microsoft and Google were expanding their security software technology. It is possible that Heartbleed led to personal or sensitive data being compromised, but this is just one aspect of the problem. Preventing virus such as these from attacking systems is only possible if good security systems are in place.