Heartbleed bug: Secured transactions were not safe.

What is the Heartbleed bug?

Heartbleed bug is a flaw that existed in secured networks for the last two years. Yes, you read it right the bug existed for the last two years. It was recently discovered by Codenomicon, the Finnish firm which uncovered the bug. Heartbleed bug opened a window for intruder to steal user data from secured networks. Security experts believe that not much the Internet users can do to protect themselves from the recently uncovered “Heartbleed” bug. The bug resides on the website’s encrypted servers so the issue needs to be fixed at the server end.

Secured and Encrypted Networks:

You would have recently observed that facebook moved from its usual unsecured http://www.facebook.com to the secured https://www.facebook.com. “Https” stands for “Hyper Text Transfer Protocol Secure.” It means that any information exchanged between user and the web site is encrypted and cannot be stolen in transit. The data is transmitted through SSL or Secured Socket Layer.

What has Heartbleed bug done?

Heartbleed bug has created an opening in the secured layer of the encryption software OpenSSL. It is a widely used open-source software program used to encrypt Internet communications. Almost two third of the web servers hosting secured websites use OpenSSL software. After the bug news was broken, immediately an update to fix the bug was released. So it was now up to the web servers to implement this update.

Secured transactions including online bank transactions were they really safe?
heartbleed bug hacker vulnerability
Image courtesy of Salvatore Vuono / FreeDigitalPhotos.net

For the past two years the bug existed and went un-noticed. It is believed that even hackers did not notice the opening. But if the data was stolen from the servers is not really known. From email to your banking online transactions everything was transmitted via Https to keep it secured. Suddenly world has come to know that the lock icon which told them that the transactions that they had considered safe weren’t really. The encrypted data sent over the secured network could be deciphered and decrypted by the hacker.

Increase in Hacker’s Activity:

A sudden increase in hacker’s activity was noticed after the news broke out. Hacker’s broke out with server scans across network. By Wednesday a tool was released by Rapid 7 and suddenly the hacker activity spread around the world like fire and the number of scan attacks increased.

How can you be safe?

There is not much end users could do to safeguard their interests. The web servers need to update and fix the security hole. However users should go on with changing all passwords and security information from email to banking. Only time will tell what damage has been done by the Heartbleed bug.

Related Posts:

Leave a Reply

Your email address will not be published. Required fields are marked *