We have been receiving a lot of calls from our customers lately asking about Heartbleed. People are asking what it is, and how they can protect themselves. Below is a description of Heartbleed, and what you need to do to start regaining your internet security.
What steps should you take?
Heartbleed needs to be taken VERY seriously, and as a result the steps to start solidifying your internet security again are going to be cumbersome.
“Due of the complex nature of this vulnerability, changing your passwords before sites update their version of OpenSSL won’t fully protect you.
Here are some simple steps you can take as a precaution:
- Change your passwords on any website that contains sensitive information about you. You should first confirm that the site does not contain the Heartbleed vulnerability by using this tool HERE.
- If you’ve reused passwords on multiple sites, it’s especially important to change them.To change your Norton Account password, visit manage.norton.com and click Account Information.
- Beware of phishing emails and type website addresses directly in your browser instead of clicking on a link through an email.
- Monitor your bank and credit card accounts for unusual activity.
We recommend you only exchange personal or sensitive information such as your credit card number if the site is not affected by Heartbleed.” – Norton Antivirus
Read on to find out more on Heartbleed.
What is Heartbleed?
Heartbleed is a bug that was discovered with the way private information is encrypted over the internet. When you are accessing a website, your computer is communicating with it by both sending and receiving information back and forth. Majority of the time this is done through a security tool known as OpenSSL. Heartbleed is the name of the bug that has shown to be a flaw in the way this process works, and in turn made all of this information that has been sent between the internet and your computer visible and accessible to anyone who is looking for it.
What makes the Heartbleed Bug unique?
Most bugs come and go and are fixed by new versions. However this bug has left large amount of private keys and other secrets exposed to the Internet. Considering the long exposure, ease of exploitation and attacks leaving no trace this exposure should be taken seriously.
What type of people and websites are affected by Heartbleed?
Over 80% of all websites on the entire internet have been affected by this bug. The result leads to a terrifying number of people who have been affected or at least susceptible to it. Furthermore you might have client side software on your computer that could expose the data from your computer if you connect to compromised services. In fact, since over 90% of people on the internet have been vulnerable to it, Heartbleed is now known as the most catastrophic thing that has happened on the internet since it’s creation. To reiterate, banks, social media, news websites, blogs, e-mail, and websites with streaming content have all been affected thus making you the consumer vulnerable. Below is a very small list of some of the websites that have been affected.