Heartbleed Bug Intercepts Again

heartbleed bug
The Heartbleed bug has intercepted again and the hacker has finally been arrested. The Heartbleed bug was able to access much of the information we find valuable. It is this information that we use on a daily basis that can easily be stolen using the Heartbleed bug. This bug can intercept and download memory of up to 64kb. The memory it steals includes information like passwords or usernames to online banking accounts and similar information. People may mistake the bug as a virus, but it is not a virus.

When first hearing of the bug, companies took immediate action to secure their sites. Yahoo was vulnerable to the bug for about 24 hours before they took action, whereas the Canadian Revenue Agency immediately took their site down to work on problems with security. The Heartbleed bug infiltrated and stole 900 tax payers information in the databases of the Canadian Revenue Agency. The Canadian Revenue Agency was then notified by a Canadian intelligence agency that this bug had infiltrated their system. Shortly after the announcement of what had happened, the police arrested Mr. Solis-Reyes who was identified as the hacker who stole the information.

Another attack was also reported recently within the Mumsnet Corporation. An attack on Mumsnet happened a little differently as the hacker attained information by stealing the username and password of the founder Justine Roberts. The hacker then stole information from the databases users, because of an opening or error in the SSL security hole. Once Mumsnet found out about the problem, they immediately started on a patch and announced this via their website.

Other companies may have been attacked by the Heartbleed bug who has intercepted again, however, they may be choosing not to report the incident since it is not against the law to choose non-disclosure of the breach. Many companies chose to not disclose this information, but instead deal with it privately. It is a very hard thing to do to examine the situation and take into account how much damage was done in some instances. This is true, because when the Heartbleed bug is used to infiltrate a database, it often shows no signs or leaves no trails of evidence.  However, there are precautions that a company can take to prevent an attack. The company can also inform users of what steps they can take to secure themselves when using the company’s websites.

One of the programs being used to prevent future attacks is called Metasploit. This program emulates an attack on a database and notifies the system and user of what is happening during the attack. This software is very powerful and can easily be bought since it is open to most any computer user to access. With this program the Heartbleed bug may not intercept the same systems again. Young hackers may take advantage of this fact that this program is available, however. Criminal activity may persist because these programs are available for anyone to use. The new module of Metasploit allows for a user to search all the private keys on a computer system. This program deals with a lot of code and should be made so that it does not get into the wrong hands. Otherwise, companies can expect more hacker attacks and the Heartbleed bug to intercept again.

By Anah Ayala

Sources:
Forbes
BBC News
Forbes Tech

Leave a Reply

Your email address will not be published.