The discovery of Heartbleed last week caused widespread panic in tech savvies and users alike.
Protecting yourself might mean changing your passwords, but the extent to which your cyber security has been undermined is extensive.
The bug comes from a flaw in the OpenSSL software library that’s coded into the most basic level of the web, and has been undetected for two years. The vulnerability compromises a website’s ability to protect and encrypt passwords, allowing attackers to steal data, such as names and passwords, directly from the services.
Admittedly, the flaw is a oversight rather than a maliciously intended attack. However, that doesn’t diminish the threat that it poses. The Independent stated that the exact number of websites affected is unknown, though the lower estimates stand at around 500 million, with notable web companies such as Google, Facebook, and Yahoo all being forced to update their software.
To add to this mix, is the world of online banking. Although Lloyds, HSBC, RBS, Natwest, Santander, and the Co-Op have all stated that they weren’t affected, this doesn’t diminish the possibility that your details have been compromised through third party providers, such as Gmail. There’s also the unknown impact on mobile devices. As reported in The Telegraph, millions of android smartphones and tablet users remain vulnerable, a week after the bug was made public.
So what is there to do to fix this problem?
The advice is contradictory as to whether you should change your password or not, I’ll leave that option up to you. However, you can do a Heartbleed test, to see whether certain sites have been affected. The reach of this fault is unparalleled and poses a huge threat to security, from making payments online, to logging in to your email account. I know I’ll be looking into what’s been affected and what the best steps are to protect my personal data.
Heartbleed brings cyber security to the fore, and although there was nothing you could do to protect yourself from this vulnerability, there are multiple ways to protect your business and personal data from vicious attacks. Why not download the Cyber Security brochure to see what topics you should be thinking about to protect your data online.
You can also visit the Cyber Security Briefing website and register your interest to attend.
As the Heartbleed bug demonstrates, a cyber attack/vulnerability is not about, ‘if an attack happens’, but rather, ‘when an attack happens’.