|

What Consumers and Businesses Need To Understand About Heartbleed

internet security

Image courtesy of feelart / FreeDigitalPhotos.net

The security problem that “Heartbleed” affects isn’t just tied to websites. It could also affect the networking equipment, connecting homes and businesses to the World Wide Web.

It’s not yet known how extensive the damage Heartbleed has caused, but it’s a defect for security technology with many websites and equipment makers. This defect puts at risk people’s personal data including passwords, credit card numbers, etc.  The threat circulated quietly for two years so it’s not known if any attacks were the results of it. There have been no visible footprints.

Coalfire’s Vice President of the Information-Technolgy Audit and Compliance Mike Weber said now that Heartbleed is public, many hackers will do what they can to exploit the issue before repairs are put into practice.

Juniper and Cisco, two of the largest networking equipment manufacturers, have stated some products they sell have the bug. However, experts have said the issue could be bigger – companies who sell Internet-connected devices may actually be infected Heartbleed (Blu-ray players, for example).

Darren Hayes, Pace University’s professor of security and computer forensics, said many people are concerned about the issue. And, for security professionals, there’s liable to be no slowdown in the next few months. Customers are going to look at them for the answers to their questions.

What are some of the things people and businesses need to understand about the Heartbleed flaw and the effects it can have on networking devices?

1 – In what way are networking devices affected?

Some networking equipment, like websites, use a variant of the SSL/TLS called OpenSSL, which is the tools that includes the vulnerability. Such equipment can include firewalls, switches and routers.

Like websites, hackers could possible use Heartbleed to make their way into a system, in order to steal personal information and passwords.

2 – How Can You Protect Yourself

Security experts have repeatedly said people and businesses need to change passwords. However, if the company with the software hasn’t put in the necessary fixes, it won’t help at all. Devices, on the other hand, are a different story.

Websites can be fixed pretty easily with a quick installation of a software update. Device makers have to look at every product to determine what needs fixing and what doesn’t.

Juniper Networks Inc. and Cisco Systems Inc. are using their websites to inform their customers about their products – what is vulnerable, what’s been fixed and what ones are not affected.  Owners can install software updates to fix products that have been affected.

Hayes applauds both companies for being honest with their customers. However, he said, many companies make products similar to theirs and may be infected but have yet to say, “Yes, we have the bug”.

Therefore, consumers are advised to look at the device manufacturer’s website if they believe there is an issue. They need to be assiduous in the installation of software updates they get.

Weber said companies can do checking for themselves in regards to their networking equipment, but they mainly rely on device manufacturers to tell them what’s up.

Companies need to ensure their business partners are not infected with the bug as well.

3 – What Other Devices Could Be At Risk?

According to Hayes, the bug could possibly affect all home devices that are connected to the Internet – Blu-ray player, security systems, lighting systems, smart thermostats systems, etc.

He said the extent of the infection is not known and many home devices could be affected by Heartbleed.

Online News Heard Now

Short URL: http://www.onlinenewsheardnow.com/?p=2925

Posted by on Apr 12 2014. Filed under Business, Featured, New, Sci/Tech. You can follow any responses to this entry through the RSS 2.0. Both comments and pings are currently closed.

Comments are closed

Recently Commented

  • Linda: I was diagnosed as type 2 last year, my weight was 125kg, my doctor wanted me to start insulin and encouraged...
  • Meow: (at 12:30am)
  • Meow: They filed on Tuesday.
  • Manxe Kitairn: Also … no mention of Chrome OS. You would think that Google would start such a radical change...
  • DJ Allyn: Ever since the upgrade, I’ve noticed Chrome running a lot slower. Chrome has suddenly become a...