Contact us +61295186000

National Technologies Group Blog

National Technologies Group has been serving the Sydney area since 1994, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Urgent: Protect Yourself Against Heartbleed

b2ap3_thumbnail_bleeding_heart_three_400.jpgApril 7th 2014 was a big day for the world, not only because Microsoft ended security support for Windows XP, but because a massive security flaw was found in the OpenSSL cryptographic library. This problem, called the Heartbleed bug, was found by Google Security, and it leaks information from any applications and services utilizing OpenSSL. The problem, however, is not that it was found; the problem is that over two-thirds of the entire Internet contains sites that utilise the OpenSSL/TLS protocol specification. It also doesn't help that this bug has been active since December of 2012.

April 7th 2014 was a big day for the world, not only because Microsoft ended security support for Windows XP, but because a massive security flaw was found in the OpenSSL cryptographic library. This problem, called the Heartbleed bug, was found by Google Security, and it leaks information from any applications and services utilizing OpenSSL. The problem, however, is not that it was found; the problem is that over two-thirds of the entire Internet contains sites that utilise the OpenSSL/TLS protocol specification. It also doesn't help that this bug has been active since December of 2012.

The bug is not the result of a design flaw, it's an implementation problem, or rather, a programming mistake. Normally bugs like this are eradicated before they cause too much damage, but in this case, it has been out of hand for far too long. Unfortunately, there isn't much that can be done about this bug other than wait for the websites to patch the problem. Most providers have been quick to remedy the problem. This bug leaves no traces at all, so if it has been exploited, you likely will not find out until some damage has already been done.

Some of the most utilised cloud service sites on the Internet may be affected, including Google, Facebook, Pinterest, Yahoo, Twitter, GoDaddy and many others. It is recommended that you change the passwords of any accounts you use periodically, especially if they utilise the OpenSSL cryptographic library. Your data might be exposed if you've accessed any of these websites over the past two years.

Alternatively, if you aren't sure that your favorite websites have been exploited by this bug, input the URL here and see if a patch has been issued.

Don't wait until you are the target of an attack. Change your passwords and consider setting up a two-step authentication to ensure that you are the only entity that can access your personal accounts.

If you require any support in securing your business against the Heartbleed virus, or if you'd like a security health check, we encourage you to contact our technical team at National Technologies Group for further information.

Comments

 
No comments yet
Already Registered? Login Here
Guest
Tuesday, 03 December 2024
If you'd like to register, please fill in the username, password and name fields.

Captcha Image