Privacy & Security

A Massive Hole In The Internet Security – Heartbleed Vulnerability

Heartbleed may well turn out to be the most consequential internet vulnerability of the decade. You have probably heard the name by now, and received a bunch of mails from your favorite web services about it. This article helps non-technical readers understand what Heartbleed is, and what they can do to protect themselves from the bug.

Heartbleed is a bug disclosed to the public on 7th April, 2014 (CVE-2014-0160). It is a vulnerability in OpenSSL, the widely used open source library that implements SSL/TLS (Secure Sockets Layer / Transport Layer Security), the protocol that protects the confidentiality and integrity of data while it travels between your PC and a web server. OpenSSL runs on the server side of a large share of websites, and is also built into many client programs and network devices. Without this protection, an attacker sitting between the two ends could eavesdrop on the traffic or tamper with it. Whenever a URL starts with https:// instead of http://, you know the site is using SSL/TLS: everything sent over the connection is encrypted by the sending end and decrypted only at the receiving end.

It is like exchanging messages in cipher: to decode the cipher, the receiving PC or server needs the key, and these digital keys are negotiated between the two communicating ends when the connection is set up. TLS also has an optional 'heartbeat' extension that lets either end check that the link and the other end are still alive: one side sends a small heartbeat request carrying an arbitrary payload and a field stating how long that payload is, and the other side must echo exactly that payload back. If no reply comes back within a reasonable time, the sender assumes the connection is dead and closes it.

Here comes the vulnerability. When a heartbeat request arrives, the affected OpenSSL versions (1.0.1 through 1.0.1f) build the reply by copying as many bytes as the request's length field claims, without checking that the request actually contained that many bytes. So an attacker can send a request with a payload of just a few bytes while claiming a payload of up to 65,535 bytes, and the server dutifully replies with those few bytes plus whatever happens to sit next to them in its memory. That memory is the server's own working data: other users' passwords and credit card numbers as they were decrypted, session cookies and other session details, and potentially even the server's private key. Because the request looks like ordinary encrypted traffic and is not normally logged, the attack leaves no trace and can be repeated indefinitely to scrape more of the server's memory.
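To make the over-read concrete, here is an added example (not code from the original article, and not OpenSSL's own code) that models the heartbeat handler in C. A fixed-size array stands in for the process heap: the vulnerable handler copies as many bytes as the request's length field claims, while the patched handler first checks that claim against the number of bytes actually received, mirroring the two checks added in OpenSSL 1.0.1g. The heap layout, the session-cookie string and the message sizes are constructed for the demonstration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define HB_REQUEST   1
#define HB_RESPONSE  2
#define HB_HEADER    3       /* 1-byte message type + 2-byte payload_length */
#define HB_PADDING  16       /* RFC 6520: at least 16 bytes of padding */

/* Stand-in for the process heap (constructed for this example). The peer's
 * heartbeat record is written at offset 0; right behind it lives a made-up
 * session cookie, the kind of neighbouring data an over-read hands back.
 * Sized so any 16-bit payload_length still reads inside the array, which keeps
 * the simulation well-defined C while modelling the real over-read. */
#define MEM_SIZE (65536 + 64)
static uint8_t memory[MEM_SIZE];
static const char secret[] = "session=9f3a7c; password=hunter2";   /* constructed */

/* Writes a heartbeat request into `memory` and returns its true record length.
 * `declared` is what the sender puts in payload_length; `actual` is how many
 * payload bytes are really on the wire. An honest peer uses declared == actual. */
size_t stage_request(uint16_t declared, size_t actual)
{
    if (actual > 1024) actual = 1024;                        /* keep the record small */
    memset(memory, 0, sizeof memory);
    memory[0] = HB_REQUEST;
    memory[1] = (uint8_t)(declared >> 8);
    memory[2] = (uint8_t)(declared & 0xff);
    memset(memory + HB_HEADER, 'A', actual);                 /* real payload */
    memset(memory + HB_HEADER + actual, 'P', HB_PADDING);    /* padding */
    size_t record_len = HB_HEADER + actual + HB_PADDING;
    memcpy(memory + record_len, secret, sizeof secret);      /* "heap" neighbour */
    return record_len;
}

/* Vulnerable handler, modelled on OpenSSL 1.0.1 to 1.0.1f: it trusts the
 * payload_length in the header and never compares it with record_len,
 * the number of bytes that actually arrived. */
size_t heartbeat_vulnerable(const uint8_t *rec, size_t record_len,
                            uint8_t *out, size_t out_cap)
{
    (void)record_len;                                        /* the bug: never consulted */
    uint8_t  type    = rec[0];
    uint16_t payload = (uint16_t)((rec[1] << 8) | rec[2]);   /* attacker-chosen */
    if (type != HB_REQUEST) return 0;
    size_t resp_len = HB_HEADER + payload + HB_PADDING;
    if (resp_len > out_cap) return 0;
    out[0] = HB_RESPONSE;
    out[1] = rec[1];
    out[2] = rec[2];
    memcpy(out + HB_HEADER, rec + HB_HEADER, payload);       /* runs past the record */
    memset(out + HB_HEADER + payload, 0, HB_PADDING);
    return resp_len;
}

/* Patched handler with the two checks OpenSSL 1.0.1g added: the record must be
 * long enough for a header plus padding, and long enough for the payload it
 * claims. Malformed requests are silently discarded. */
size_t heartbeat_fixed(const uint8_t *rec, size_t record_len,
                       uint8_t *out, size_t out_cap)
{
    if (HB_HEADER + HB_PADDING > record_len) return 0;
    uint8_t  type    = rec[0];
    uint16_t payload = (uint16_t)((rec[1] << 8) | rec[2]);
    if (HB_HEADER + (size_t)payload + HB_PADDING > record_len) return 0;
    if (type != HB_REQUEST) return 0;
    size_t resp_len = HB_HEADER + payload + HB_PADDING;
    if (resp_len > out_cap) return 0;
    out[0] = HB_RESPONSE;
    out[1] = rec[1];
    out[2] = rec[2];
    memcpy(out + HB_HEADER, rec + HB_HEADER, payload);       /* now within the record */
    memset(out + HB_HEADER + payload, 0, HB_PADDING);
    return resp_len;
}

/* Does the response contain the secret that sat behind the record? */
int response_leaks_secret(const uint8_t *resp, size_t len)
{
    size_t n = strlen(secret);
    for (size_t i = 0; i + n <= len; i++)
        if (memcmp(resp + i, secret, n) == 0) return 1;
    return 0;
}

/* Runs one scenario end to end; returns the reply length (0 = request dropped). */
size_t scenario_len(int use_fixed, uint16_t declared, size_t actual)
{
    static uint8_t out[MEM_SIZE];
    size_t rl = stage_request(declared, actual);
    return use_fixed ? heartbeat_fixed(memory, rl, out, sizeof out)
                     : heartbeat_vulnerable(memory, rl, out, sizeof out);
}

/* Same scenario, reporting whether the reply leaked the neighbouring secret. */
int scenario_leaks(int use_fixed, uint16_t declared, size_t actual)
{
    static uint8_t out[MEM_SIZE];
    size_t rl = stage_request(declared, actual);
    size_t n = use_fixed ? heartbeat_fixed(memory, rl, out, sizeof out)
                         : heartbeat_vulnerable(memory, rl, out, sizeof out);
    return response_leaks_secret(out, n);
}

int main(void)
{
    /* Malicious request: claims 1024 payload bytes, sends 4. */
    printf("vulnerable: %zu-byte reply, secret leaked: %s\n",
           scenario_len(0, 1024, 4), scenario_leaks(0, 1024, 4) ? "yes" : "no");
    printf("fixed:      %zu-byte reply, secret leaked: %s\n",
           scenario_len(1, 1024, 4), scenario_leaks(1, 1024, 4) ? "yes" : "no");
    /* Honest request: both handlers simply echo the 4 bytes. */
    printf("honest:     %zu-byte reply\n", scenario_len(1, 4, 4));
    return 0;
}
```

Compile with any C99 compiler and run it. The vulnerable handler answers the malicious request with a 1043-byte reply that contains the cookie placed behind the record, the patched handler drops the same request, and both behave identically for an honest request whose declared and actual lengths agree. The point to take away is that the fix is not encryption or a new key, it is a bounds check: the length a peer claims is data, not a fact about the buffer.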

Image courtesy: xkcd.com/1354

It is believed that more than half a million web servers were affected by this. Nobody can know how much data was actually taken, since the attack leaves no record, but many web services openly acknowledged that they had been exposed.

Google reportedly patched its servers on March 21st and Cloudflare on March 31st, both ahead of the public disclosure. Cisco announced that a number of its products were vulnerable to this attack, which puts a great deal of traffic at risk given how much of the internet's infrastructure runs on Cisco equipment.

How to get immunized from this bug... For users the solution is simple, but the order matters: wait until a service has confirmed that it has patched OpenSSL (and ideally reissued its certificate), then change your login credentials there: passwords, security questions, PINs. Changing a password on a still-vulnerable server just hands the attacker the new one as well. Log out of all your accounts on all the devices you use and log in again with the new passwords, since existing session cookies may have leaked. Update all your software and apps, because client programs that embed a vulnerable OpenSSL can be attacked by a malicious server too. Everything else has to be done by your service providers: upgrade OpenSSL to a fixed version (1.0.1g or later), replace the private keys and certificates that may have leaked, and revoke the old ones.

Not every website was attacked, though it is assumed that many were probed. Ironically, services that had not updated their OpenSSL for a long time (versions older than 1.0.1) were never vulnerable, and early adopters of the patch were exposed only briefly. As I use LastPass to manage my digital credentials, it helped me find the affected websites, and I changed my passwords for the sites it listed as affected.

Further reading: CNet, Heartbleed

I hope the article helps. See you in the next one. Don't hesitate to share your views in the comment box below.
