A major vulnerability within the OpenSSL cryptographic library has recently been exposed and has become known as the ‘Heartbleed Bug.’ Unlike your average software bug, Heartbleed poses an extremely serious and immediate threat to everyone exchanging information over the internet. In fact, chances are that you have already been either directly or indirectly affected by this bug.
SSL is a heavily used encryption method for sending private information securely over the internet. Whenever you see “https” in a website’s URL, that site is using SSL to transmit your information in a secure manner. However, the most widely deployed implementation of SSL, called OpenSSL, contains a flaw which allows unscrupulous persons to retrieve data from the memory of any server running an affected version.
The bug stems from a procedure in OpenSSL where a computer sends a ‘heartbeat’ message to a server in order to check if a connection is still open. Each heartbeat carries a small payload together with a field stating how long that payload is, and the server is supposed to echo the payload back. Malicious users can manipulate these ‘heartbeat’ messages by claiming a payload length far larger than what they actually sent, which tricks the server into replying with whatever happens to sit next in the server’s memory. This data can contain anything from account passwords to credit card numbers. In the worst case scenario a server could ‘bleed’ its own cryptographic key, which can then be used to decode any messages sent to and from the server. Making matters worse, exploitation of this bug leaves no trace in ordinary server logs, so a server may have been attacked without anyone noticing.
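The mechanism described above, as an added illustration that is not code from the original post or from OpenSSL itself: a small C program that simulates process memory as a byte array, places a constructed secret just past a received heartbeat record, and runs one malformed request (5 bytes actually sent, 100 bytes claimed) through a handler that trusts the claimed length and through a patched handler that first checks the claimed length against the record that really arrived. The buffer layout, the secret value and the function names are assumptions made for this demo.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define HB_REQUEST   1      /* heartbeat request message type (RFC 6520) */
#define HB_PADDING   16     /* minimum padding a heartbeat must carry */
#define MEM_SIZE     128
#define OUT_SIZE     128

/* Constructed stand-in for process memory. The received heartbeat record is
 * placed at the start; a constructed secret is placed immediately after it,
 * the way unrelated session data would sit nearby in a real heap. */
static unsigned char mem[MEM_SIZE];
static const char SECRET[] = "SESSION_COOKIE=c0ffee";   /* constructed value */

/* Write a heartbeat request into mem whose header claims `claimed_len`
 * payload bytes but which actually carries only `payload`. Returns the true
 * record length, i.e. how many bytes really arrived on the wire. */
static size_t build_request(uint16_t claimed_len, const char *payload)
{
    size_t plen = strlen(payload);
    size_t record_len = 1 + 2 + plen + HB_PADDING;
    memset(mem, 0, sizeof mem);
    mem[0] = HB_REQUEST;
    mem[1] = (unsigned char)(claimed_len >> 8);   /* length, big-endian */
    mem[2] = (unsigned char)(claimed_len & 0xff);
    memcpy(mem + 3, payload, plen);
    memcpy(mem + record_len, SECRET, sizeof SECRET);
    return record_len;
}

static uint16_t claimed_length(void)
{
    return (uint16_t)((mem[1] << 8) | mem[2]);
}

/* Vulnerable echo: trusts the claimed length and copies that many bytes from
 * the payload position, reading past the real record into whatever follows.
 * (Clamped to the simulated buffer so the demo itself stays in bounds.) */
static size_t vulnerable_echo(size_t record_len, unsigned char *out)
{
    (void)record_len;                         /* never consulted: the bug */
    size_t n = claimed_length();
    if (n > MEM_SIZE - 3) n = MEM_SIZE - 3;
    if (n > OUT_SIZE) n = OUT_SIZE;
    memcpy(out, mem + 3, n);
    return n;
}

/* Patched echo: a request whose claimed length does not fit inside the
 * record that actually arrived is silently discarded, so the reply can
 * never contain bytes beyond the payload that was really sent. */
static size_t fixed_echo(size_t record_len, unsigned char *out)
{
    if (record_len < 1 + 2 + HB_PADDING) return 0;
    size_t n = claimed_length();
    if (1 + 2 + n + HB_PADDING > record_len) return 0;
    if (n > OUT_SIZE) return 0;
    memcpy(out, mem + 3, n);
    return n;
}

/* Does the reply contain the constructed secret? 1 = yes, 0 = no. */
static int contains_secret(const unsigned char *buf, size_t n)
{
    size_t slen = strlen(SECRET);
    for (size_t i = 0; i + slen <= n; i++)
        if (memcmp(buf + i, SECRET, slen) == 0) return 1;
    return 0;
}

/* Run one malformed request ("hello" sent, 100 bytes claimed) through a
 * handler; returns 1 if the secret leaked into the reply, 0 otherwise. */
static int leaks_with(size_t (*echo)(size_t, unsigned char *))
{
    unsigned char out[OUT_SIZE];
    size_t record_len = build_request(100, "hello");
    size_t n = echo(record_len, out);
    return contains_secret(out, n);
}

int leaks_with_vulnerable(void) { return leaks_with(vulnerable_echo); }
int leaks_with_fixed(void)      { return leaks_with(fixed_echo); }

/* A well-formed request (5 bytes sent, 5 claimed) is still echoed by the
 * patched handler; returns the reply length. */
int honest_reply_length(void)
{
    unsigned char out[OUT_SIZE];
    size_t record_len = build_request(5, "hello");
    return (int)fixed_echo(record_len, out);
}

int main(void)
{
    printf("vulnerable handler leaks secret: %d\n", leaks_with_vulnerable());
    printf("patched handler leaks secret:    %d\n", leaks_with_fixed());
    printf("patched handler, honest request: %d bytes echoed\n", honest_reply_length());
    return 0;
}
```

The whole defect is the absence of the comparison in `fixed_echo` between the length a client claims and the length of the record that actually arrived; the patched handler still serves well-formed heartbeats, so the fix costs nothing in normal operation. That same comparison is also what a network monitor can apply to heartbeat records on the wire to flag requests claiming more than they carry.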
This vulnerability only exists within a few versions of OpenSSL, and a patch for this bug is already available and is currently being distributed. However, applying the patch does not cover all your bases, and there are several additional steps required to mitigate the damage if your server has been exposed. For instance, once the patch is in place, the passwords for each and every user within your organization should be changed or reset, and any SSL certificates should be revoked and reissued with newly generated private keys, since a key that may already have leaked cannot be trusted again.
While dealing with this bug, an overall inventory should be taken of your network’s security measures. The technicians at Contoured Solutions can not only help you through every step of the Heartbleed mitigation and recovery process, but also help improve the overall security of your company’s confidential information. They have experience protecting information with multiple layers of defense. For instance, an intrusion detection system can be installed which will monitor network traffic in real-time and look for any suspicious activity so it can be dealt with immediately.
If you believe you may have been affected by this vulnerability, please contact us to see how we can help you with it and all your other information security needs. You can test your website for the Heartbleed vulnerability here: https://filippo.io/Heartbleed/