Australian Businesses Suffer Significant Blows from Heartbleed Bug

Greenlight Managed IT Support Services | Sydney | Melbourne

As many as 10 percent of Australian businesses were affected by the recent Heartbleed bug, and security experts say Google “bungled” the entire situation. The bug, which makes sensitive data vulnerable to hackers, was first discovered in March by Neel Mehta of Google Security and then by security firm Codenomicon in April. The issue was only made public on April 7, after Google informed OpenSSL about it.

Its Impact on Australian Businesses

The security breach had a significant impact on Australian businesses and ordinary Internet users. In fact, one technology writer revealed in a post that 10 percent of 200 ASX-listed companies have been affected. That includes CERT Australia, the organization that is supposed to coordinate information about digital threats. Several GE Money sites were also among those vulnerable to attacks because of Heartbleed.

At least 500,000 sites have been found to be vulnerable. These include the Coles Mastercard and Myer Card websites.

Data security is crucial to businesses. It’s important that companies can secure their customers’ data because, as one security expert puts it, Heartbleed is catastrophic. And since banks are among the most critical businesses affected by security issues, it’s important that clients are aware of the preventive measures their banks are implementing.

CNET Australia contacted several banks to find out what measures they’ve taken to protect customer data, as well as what advice they have for customers on keeping their data secure. All the banks they talked with confirmed that their sites were not affected by the bug, and most did not recommend that customers change their passwords. CNET also talked to other major businesses like PayPal, Yahoo 7 and ANZ and got the same response. However, Yahoo 7 did not answer whether customers need to change their passwords, while ANZ recommended updating passwords regularly. GE Money says its customers’ data has not been compromised but also urged its customers to change passwords.

Websites Aren’t the Only Ones Affected

The impact of Heartbleed isn’t limited to websites. A Yahoo! news report said that it also affected equipment that connects to the Internet, including routers, firewalls, and switches. Because these products can contain the bug, information that passes through them (usernames, passwords, and credit card details) is also susceptible to hacking. Cisco and Juniper, two of the largest makers of networking equipment, have confirmed this.

Changing passwords may not be enough to protect your data if the equipment is affected. While it’s easy to fix websites by installing updates, networking equipment needs to be patched by its manufacturers.

Google Failed to Disclose the Issue Immediately

It’s a bold move for the two companies to be transparent about the issue. One security and computer forensics professor commends Cisco and Juniper for being upfront with clients, which can’t be said of most companies, including Google.

Google has received flak for the way it responded to the discovery of the bug. The search engine giant patched its systems in March, weeks before news about Heartbleed became public. Furthermore, a handful of companies were also able to take countermeasures earlier than most businesses.

Many felt that Google failed to responsibly disclose the bug. IT security experts are calling it a selfish act. They felt that Google looked after its own interests first. And ordinary Internet users agree that there was a lack of responsible disclosure.

Many suspect that Google played favourites and deliberately withheld the critical information from rivals like Yahoo. Sites like Flickr and other Yahoo web services remained vulnerable to the bug, while Facebook, CloudFlare, and Akamai appear to have had a heads-up and were able to patch their systems before April 7, when the issue was made public.

But what’s most interesting is news that Google allegedly didn’t inform the government about Heartbleed when it should have. While it’s not surprising for companies to wait until they have patched their own systems before making any public announcement, keeping it from the federal government is another matter. Google’s delay could have left federal systems vulnerable to attacks.

According to a TIME article, the “NSA was not aware of the recently identified vulnerability in OpenSSL, the so-called Heartbleed vulnerability, until it was made public in a private-sector cybersecurity report.”

So What Can You Do?

Heartbleed will have lingering effects. Because it stayed undetected for several years, there’s no telling how much information was compromised or what hackers can do with that information. That’s bad for businesses.

It’s great that many companies have taken the necessary steps to minimise the consequences of this bug, but it’s even more important to take matters into your own hands. Be more proactive. Change and update passwords regularly and strengthen your IT systems. Having the right IT infrastructure is critical. It is your lifeline.

If you’re unsure about your company’s Internet security, contact Greenlight now. We can help make your IT systems up to date, reliable, and secure.

Heart bleed bug Scare: Are YOU Protected?

Over the past few weeks, you may have heard some chatter about a security vulnerability named “Heart Bleed.” Not surprising.

According to the Sydney Morning Herald, the Heart Bleed security flaw has exposed tens of thousands of businesses to attacks by malicious hackers.

And as with any security scare hitting the web, businesses want to know “should we be worried?”

The short answer? Yes. The long answer? Read on to find out how Heart bleed can harm your business, and what you should do about it.

What is the Heart bleed bug, and How Does it Work?

Heart Bleed is a software vulnerability that allows malicious hackers to access a range of network-connected devices and illegally gather passwords, usernames, encryption keys and personal information.

The vulnerability exists in OpenSSL software used by tens of thousands of businesses running open source web servers including Apache and nginx. The attackers’ goals are to gather sensitive information to gain unauthorized access to websites and networks. This data can then be sold to third parties.

Furthermore, malicious parties are able to:

  • Impersonate a website while suppressing alerts about invalid certificates
  • Decrypt all communication between your computer, tablet or phone and any online service

How do I know if I’m vulnerable?

The fact that the websites you probably use on a daily basis have reacted very quickly to the bug is great, but because the Heart Bleed bug has been around for close to two years, there is a reasonable risk that your usernames and passwords were compromised earlier without your knowledge.

You may have noticed that some sites you’re registered to may have logged you out as a security measure.

What are some services that have been affected?

Fortunately for many businesses, Microsoft products do not utilise the OpenSSL encryption mechanism. As such, it is extremely unlikely that your computer usernames and passwords were compromised when logging onto your company’s webmail, computer or virtual private networks.

The major Australian Banks have also released statements indicating that there exists no risk to their financial software and databases.

The bad news is that approximately two-thirds of the Internet runs systems using OpenSSL, and the likelihood of you having an exposed account is high.

A few of the affected services are:

  • Google, including Gmail
  • Pinterest
  • Tumblr
  • Yahoo
  • GoDaddy
  • GitHub

Unconfirmed, but likely:

  • Twitter
  • Facebook
  • Apple
  • eBay

Mashable have also put together a fairly comprehensive list of web services that have been affected by Heart Bleed. Check out the Mashable Heart Bleed article here.

How can I protect my business from the Heart Bleed bug?

As with most wide-spread security vulnerabilities, the developer community has mobilized to educate and address the bug to minimize the extent of its damage.

It’s extremely important that you contact your IT service provider (or department) and ensure that your network is protected from the Heart Bleed vulnerability. In the majority of cases, service providers have proactively patched the vulnerability, but a phone call to confirm is a sensible precaution.

A further step would be to revisit your business password policies. Passwords like “password123” are not going to cut it, and we strongly recommend mandatory password changes every 30 days.

For web-accessed software (think Gmail, MailChimp, your Sydney Morning Herald account, etc.), we recommend using password management software such as LastPass. LastPass lets users protect tens (or hundreds) of website credentials with a single master password.

The added benefit of using LastPass is that its software can identify websites you use that have been compromised by the Heart Bleed bug, making it easier for you to know whether your data is at risk.

If you re-use the same passwords across multiple websites, you may still be vulnerable. If you don’t routinely change your websites’ passwords, it’s possible that even your customers’ information may have been accessed.

Make sure that you select a new, secure password, and that you don’t re-use the same password across multiple websites. If you think your network may have been compromised by the Heart Bleed bug, get in touch with us today for a free consultation and simply call (02) 8412 0000.