A new bug puts trust on the Internet at risk on a significant scale. The bug, dubbed ‘Heartbleed’, is caused by a fault in a piece of functionality in the widely used OpenSSL library. This library is used everywhere from security vendors' products to secure web browsing and even mobile banking applications. So what exactly does this bug do and why should you care?
When the bug is exploited, the attacker can retrieve memory (up to 64kb) from the remote system. This memory may contain usernames, passwords, keys, or other useful information that enables bigger attacks. All kinds of variations are possible once an attacker can read this memory. 64kb may not seem like a great deal of data, but of course the attacker can connect repeatedly and progressively collect more information. This is a serious problem. It is very difficult, if not impossible, to determine after the fact whether someone attacked your systems, so it is better to play it safe: assume that your system has been compromised, and reset your credentials as soon as possible. Some services let you check whether a given site is patched, but in some cases, such as mobile app implementations, the check is not simple.
What should you do to protect your services?
1. Check whether your website, apps, or any other product uses OpenSSL and whether they are vulnerable to the attack.
2. There is a neat site at http://filippo.io/Heartbleed/ where you can quickly run the check. Once you have patched, regenerate any private keys that your site uses.
3. Update OpenSSL to the latest version, which fixes the defect. In many cases this does not happen automatically.
4. Check the state of your SSL configuration for your website and mail services.
5. Call perITech Solutions to assist 502-882-5555 (local) or 855-202-8012 (toll free)
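As an added illustration of step 1 (not code from the original post), the following helper classifies an `openssl version` banner against the upstream releases affected by Heartbleed: 1.0.1 through 1.0.1f and 1.0.2-beta1, with the fix shipping in 1.0.1g. The function names are my own, and the sample banners in the comments are constructed.

```python
import re
import subprocess

# Upstream OpenSSL releases affected by Heartbleed (CVE-2014-0160):
# 1.0.1 up to and including 1.0.1f, plus 1.0.2-beta1. Fixed in 1.0.1g.
# The 1.0.0 and 0.9.8 branches never contained the heartbeat code.
FIXED_101 = "1.0.1g"

# Matches banners such as "OpenSSL 1.0.1e 11 Feb 2013" (constructed sample).
_VER_RE = re.compile(r"^OpenSSL\s+(\d+)\.(\d+)\.(\d+)([a-z]*)(-beta\d+)?")


def parse_version(banner):
    """Parse an OpenSSL banner into (major, minor, fix, letter_rank, beta).

    Returns None when the banner is not from OpenSSL (e.g. LibreSSL)."""
    m = _VER_RE.match(banner.strip())
    if not m:
        return None
    major, minor, fix, letter, beta = m.groups()
    # Patch letters sort alphabetically: "" < "a" < "b" ...; treat "" as 0.
    letter_rank = 0
    for ch in letter:
        letter_rank = letter_rank * 27 + (ord(ch) - ord("a") + 1)
    return (int(major), int(minor), int(fix), letter_rank, beta or "")


def is_heartbleed_version(banner):
    """True if the *upstream* version string is in the vulnerable range.

    Caveat: distributions often backport the fix without bumping the upstream
    version (a package built from 1.0.1e may already be fixed), so True means
    "check the package changelog", not "proven vulnerable"."""
    v = parse_version(banner)
    if v is None:
        return False
    major, minor, fix, letter_rank, beta = v
    if (major, minor, fix) == (1, 0, 1):
        return letter_rank < parse_version("OpenSSL " + FIXED_101)[3]
    if (major, minor, fix) == (1, 0, 2):
        return beta == "-beta1"  # beta2 and the final 1.0.2 carry the fix
    return False


def check_local_openssl():
    """Run the local `openssl version` binary and classify its banner."""
    out = subprocess.run(["openssl", "version"], capture_output=True, text=True).stdout
    return out.strip(), is_heartbleed_version(out)
```

This only inspects the version string; a server-side test such as the one linked in step 2 is still needed to confirm that a running service, not just the installed package, is fixed.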