Six months after discovery, Heartbleed bug still a threat

Talk of the Heartbleed bug these days is usually reserved yesteryear’s memories, the threat long forgotten and assumed outdated by

Talk of the Heartbleed bug these days is usually reserved yesteryear’s memories, the threat long forgotten and assumed outdated by our superior modern technology. However, recent research, as discussed by Bloomberg, shows a very different story.

Heartbleed was that memory-handling flaw in OpenSSL software uncovered in April that allows small bits of data in each “heartbeat” to be revealed. This can give attackers with the right know-how access to secret keys protecting user names, passwords and other digital data. Once obtained, an attacker can hack deep into an enterprise’s network to cause even more damage. An estimated two thirds of all websites were said to be vulnerable.

Join the iFX EXPO Asia and discover your gateway to the Asian Markets

The recent research has discovered that simply many companies have been lax in their implementation of the necessary patches and software updates. Some did not take action for more than a week after discovery, leaving ample time for an attacker to do much damage. According to Venafi Inc, more than half of the Forbes Global 2000 list of the most profitable companies have servers not fully protected.

Suggested articles

Going Past the Great Wall: Things to Consider When Entering the Asian MarketGo to article >>

The most recent high profile case was that of Community Health, where Chinese hackers obtained information of 4.5 million patients by exploiting their Heartlbleed vulnerability.

Bitcoin, which is especially susceptible to hacking and theft, is made even more vulnerable by the bug. Several exchanges and wallet companies took precautionary measures immediately after news of the threat broke.

 

Got a news tip? Let Us Know