Categories: Technology

We Ask: Will The Heartbleed Bug Affect My Business?

It was on December 31, 2011, that a piece of flawed code in the Heartbeat Extension was implemented into OpenSSL. This piece of code, which was later to be named the ‘Heartbleed’ bug – or CVE-2014-0160 as it’s known in technical terms – has made headline news throughout the world, invoking a sense of paranoia rather than a genuine understanding of the issues at stake. As with most news stories which are complicated in nature, the general impact is one of fear.

This is quite natural considering our passwords and privacy may have been exposed to third parties, and the fact that very few of us have expert knowledge of the ins-and-outs of OpenSSL software. We need to understand if our fears are legitimate or not, so let’s have a look at what exactly Heartbleed is?

Heartbleed affects OpenSSL. OpenSSL allows your computer to communicate with various websites without information being made available to anyone looking in. Without this, usernames and passwords could be readily exposed, especially on vulnerable mobile devices.

The communication described above, between computer and server is called ‘heartbeat.’ In the past heartbeat only sent back the same info that it received, but with the Heartbleed bug, it can request extra data of up to 64kilobytes. Although this isn’t much, it can keep requesting as much as it feels necessary to extract the amount of information it needs. This is why the bug was dubbed the ‘Heartbleed’ bug.

Business often relies on OpenSSL and has duly rushed to upgrade to OpenSSL 1.0.1g, but it’s hard to assess what damage may have been done or what information might have been stolen.

Businesses often use an Enterprise Mobility Management Solution (EMM) to upgrade their security. Management platforms like MDM or MAM are very popular, and could gain more status in the weeks to come. Users of these services tend to stress that the above solutions must be properly configured for them to work to their full potential. It has been an even bigger concern after [pullquote]April 7, 2014, the day Heartbleed was publicly disclosed.[/pullquote]

Modern business is now crammed full of company issued smartphones, tablets and laptops, so awareness of these dangers should be paramount to any organisation which values its security.

Businesses have been updating security certificates en masse due to rare cases of banking apps being hooked up to servers that were vulnerable to attacks.

It was initially thought that around 60% of servers may have been affected, which makes the furore more understandable; now they estimate it may have afflicted around 17% of servers which will be a big relief to a lot of businesses.

We live in a world of complicated technical jargon and we can’t be expected to understand every piece of information we are warned about in the media. What we can do on an everyday level is to change our passwords more regularly and never use the same passwords across a range of different websites. To the everyday user of modern technologies this seems to be the best advice to tackle Heartbleed. Business users should look into EMM solutions on top of Open SSL.

The question we ask is, will Heartbleed affect my business? Well, it could if you’re not up to date with your security patches. However, it should come as a relief that only 17% of servers were actually affected by the Heartbleed bug, but anyone concerned about their mobile phone may want to install patches to Android 4.1.1, which Google claims is the only version of its OS that could be affected.

Heartbleed – Believed To Have Affected 17% Of Servers

Image: ZDNet
Richard Darell

Richard Darell is the founder and CEO of Bit Rebels, a multifaceted online news outlet that reports daily on the latest developments in technology, social media, design and everything geek. Today this media entity welcomes more than 3.5 million unique visitors per month and is considered the go-to place for people in constant motion. As an Internet entrepreneur, he is dedicated to constantly trying to develop new ways to bring content faster and closer to the end user in a more streamlined way. His excitement for statistics has allowed him to further develop systems that continuously produce accurate and fast-paced analytics to better optimize the approach by which Bit Rebels presents news and content. His graphic design background has proven to be an important tool when designing new systems and features for Bit Rebels since the development of solid and stable code depends entirely on their structure and implemented procedures. Richard currently resides in Stockholm, Sweden and directs the Bit Rebels offices in both Stockholm and Atlanta. You can reach Richard at richard@bitrebels.com

Recent Posts

The Unexpected Ways Digital Communities Are Changing Sports Betting Trends

We’ve seen a rise in social gaming sites over the years. These sites, which are…

1 day ago

Behind The Latest Vaping Designs

The vaping industry continues to evolve, with product designs becoming more sophisticated and user-centric. Modern…

1 day ago

Pros And Cons Of AI Generated Content: Efficiency And Quality

As digital landscapes evolve, more marketers, content creators, and businesses are asking, what is AI…

1 day ago

How SEO Services In San Francisco Help Small Businesses Stand Out?

Today, small businesses have an incredible opportunity to grow beyond traditional means and reach new…

2 days ago

The Psychology Behind Competitive Online Gaming: Why We Keep Coming Back

Online competitive games have long been a cultural phenomenon, drawing millions worldwide. From strategic block…

3 days ago

Navigating Global Market Diversity With Dynamic Product Roadmaps

In a world where companies constantly strive to tap into new markets, they also face…

3 days ago