Categories: Technology

We Ask: Will The Heartbleed Bug Affect My Business?

It was on December 31, 2011, that a piece of flawed code in the Heartbeat Extension was implemented into OpenSSL. This piece of code, which was later to be named the ‘Heartbleed’ bug – or CVE-2014-0160 as it’s known in technical terms – has made headline news throughout the world, invoking a sense of paranoia rather than a genuine understanding of the issues at stake. As with most news stories which are complicated in nature, the general impact is one of fear.

This is quite natural considering our passwords and privacy may have been exposed to third parties, and the fact that very few of us have expert knowledge of the ins-and-outs of OpenSSL software. We need to understand if our fears are legitimate or not, so let’s have a look at what exactly Heartbleed is?

Heartbleed affects OpenSSL. OpenSSL allows your computer to communicate with various websites without information being made available to anyone looking in. Without this, usernames and passwords could be readily exposed, especially on vulnerable mobile devices.

The communication described above, between computer and server is called ‘heartbeat.’ In the past heartbeat only sent back the same info that it received, but with the Heartbleed bug, it can request extra data of up to 64kilobytes. Although this isn’t much, it can keep requesting as much as it feels necessary to extract the amount of information it needs. This is why the bug was dubbed the ‘Heartbleed’ bug.

Business often relies on OpenSSL and has duly rushed to upgrade to OpenSSL 1.0.1g, but it’s hard to assess what damage may have been done or what information might have been stolen.

Businesses often use an Enterprise Mobility Management Solution (EMM) to upgrade their security. Management platforms like MDM or MAM are very popular, and could gain more status in the weeks to come. Users of these services tend to stress that the above solutions must be properly configured for them to work to their full potential. It has been an even bigger concern after [pullquote]April 7, 2014, the day Heartbleed was publicly disclosed.[/pullquote]

Modern business is now crammed full of company issued smartphones, tablets and laptops, so awareness of these dangers should be paramount to any organisation which values its security.

Businesses have been updating security certificates en masse due to rare cases of banking apps being hooked up to servers that were vulnerable to attacks.

It was initially thought that around 60% of servers may have been affected, which makes the furore more understandable; now they estimate it may have afflicted around 17% of servers which will be a big relief to a lot of businesses.

We live in a world of complicated technical jargon and we can’t be expected to understand every piece of information we are warned about in the media. What we can do on an everyday level is to change our passwords more regularly and never use the same passwords across a range of different websites. To the everyday user of modern technologies this seems to be the best advice to tackle Heartbleed. Business users should look into EMM solutions on top of Open SSL.

The question we ask is, will Heartbleed affect my business? Well, it could if you’re not up to date with your security patches. However, it should come as a relief that only 17% of servers were actually affected by the Heartbleed bug, but anyone concerned about their mobile phone may want to install patches to Android 4.1.1, which Google claims is the only version of its OS that could be affected.

Heartbleed – Believed To Have Affected 17% Of Servers

Image: ZDNet
Richard Darell

Richard Darell is the founder and CEO of Bit Rebels, a multifaceted online news outlet that reports daily on the latest developments in technology, social media, design and everything geek. Today this media entity welcomes more than 3.5 million unique visitors per month and is considered the go-to place for people in constant motion. As an Internet entrepreneur, he is dedicated to constantly trying to develop new ways to bring content faster and closer to the end user in a more streamlined way. His excitement for statistics has allowed him to further develop systems that continuously produce accurate and fast-paced analytics to better optimize the approach by which Bit Rebels presents news and content. His graphic design background has proven to be an important tool when designing new systems and features for Bit Rebels since the development of solid and stable code depends entirely on their structure and implemented procedures. Richard currently resides in Stockholm, Sweden and directs the Bit Rebels offices in both Stockholm and Atlanta. You can reach Richard at richard@bitrebels.com

Recent Posts

Evan Ciniello: Using Surreal Imagery To Convey Unease In “Diaspora”

Evan Ciniello’s work on the short film "Diaspora" showcases his exceptional ability to blend technical…

22 hours ago

BOM’s Spirit Of Independence Awards Shine In West Hollywood

It’s my first time attending the BOM Awards, and it won’t be the last. The…

23 hours ago

Tips To Match Your Leather Lounge With Your Interior Decor

Leather lounges are a renowned choice for their durability and versatility. In the range of…

23 hours ago

Navigating The Jet Charter Industry: A Comprehensive Overview

Charter jets are gaining in popularity, as they allow clients to skip the overcrowded planes…

24 hours ago

The Importance Of Cloud Computing And Cybersecurity In Today’s Tech Landscape: Mike Robinson Of Utah, Shares His Perspective

Cloud computing has transformed how businesses operate, offering flexibility and efficiency at an unprecedented scale.…

1 day ago

7 Key Factors To Consider For Successful Live Betting In 2025

Live betting is the in thing in the online betting industry. The ability to place…

1 day ago