Call Today! 877-310-9575


The Aftermath of Heartbleed

 

What is the Heartbleed virus? How did it affect you privately or within a company? And what steps should you now take in the wake of its turbulent path?

Image of a red heart dripping red streaks in the aftermath of heartbleed

The Heartbleed bug or virus is in the OpenSSL implementation of the SSL\TLS (Secure Socket Layer\ transport layer protocols) heartbeat extension (RFC6520). Heartbeat is a programming error that leaves all forms of internet data open to hackers. The programming error came about during enhancements of OpenSSL. A line of code had a variable missed by the programmer. When it is compromised, it leads to an attack on the memory contents from server to client and client to server. That means it can exploit your login information that encrypts various websites you login to. This then allows hackers to capture usernames and passwords to steal information from your web accounts.  So, you can tell why it is called Heartbleed, because it attacks the most data-encrypted entity known to the Internet. It is a very serious bug.

Here is a fantastic visual explanation of how Heartbleed works.

It can affect you personally and your company depending on the websites you go to, like Facebook and Yahoo. Take a minute and write down the websites you use on a consistent basis. Then, go to those websites and change the passwords. Although some experts also say to wait until the website is repaired before changing the password. Because if the website is not fixed, you may still be affected by the virus. On the other hand, if you do wait for the website company to fix the problems, you can also be susceptible to attacks. I suggest you review the sites affected and make your own decision on if you want to change your security information now or later. However, most of the major websites affected have issued statements declaring they have been patched.

If you are a company and you are using weak passwords for websites you login to do business, you should change them to a stronger password. Here is a resource you can use to see if a website was affected by the virus. Keep in mind this is only one website of many you can go to. If you are not sure if you should update your account, then change the password to websites you log into just to be safe.

There are also tools that you can put in your websites you use with a security key (password) and see if they are affected and whether they have been fixed. You can check and then change your password, or just change the password. Whichever you choose is up to you.

I encourage you to do your research on the Heartbleed bug/virus as it is not something to be overlooked, because of the impact it has on a lot of your accounts on the internet. Keep yourself safe and keep your business safe by taking the appropriate security steps in the aftermath of Heartbleed.

Comments

comments

This entry was posted in IT, Technology and tagged , by Mark Hill. Bookmark the permalink.

About Mark Hill

Mark Hill joined Sound Telecom in 2009. During his tenure, he has overseen every position within Sound Telecom's Information Technology Services group. Mark is now Sound Telecom's IT Supervisor. Mark oversees the company's entire IT infrastructure on a 24/7/365 basis. This includes the Spokane, Seattle and Denver facilities. Mark began his career in project management. He completed his IT degree in Spokane as an ITT Technical Institute graduate where he received a Bachelor of Science in Information Security Systems along with a minor in Networking Infrastructures. Mark is also a United States Navy veteran. He is a regular weight lifter and bodybuilder and enjoys spending time with his family.