HeartBleed: The New Global Cyber Threat

Editor’s Note: We posted a story last week on the National Security Administration’s exploitation of the HeartBleed virus.  This bug is a flaw in the protocol used on a majority of secured websites.  It is a serious problem that the NSA used for two years to gather data.

Posted by Natalie Novitski

*Article courtesy Israel Homeland Security

While you’re at home, sitting in front of your computer and typing in your user and password as you’re about to access a secure service, you probably think this is a private, intimate connection between you and your bank, for example. Well, think again, someone may be looking over your shoulder. According to a very significant security breach discovered earlier this week, 70% of global encrypted communications are exposed. The bug, known unassumingly as HeartBleed, has been discovered in an encryption component. It allows hackers to steal encryption keys used by most servers around the world.

“When users work with a server or service exposed to the problem, others with the know-how can listen in on their communications and access all the information they store on that server. Hackers can also disguise themselves as that user.” This according to Lior Pollack, Technologies VP at 2Bsecure, Matrix’s information security and cyber branch, in an interview with iHLS. “This can be used in many ways. User should worry about passwords they use for vulnerable services, in addition to any information they gave to that service.”

The breach also facilitates another disturbing phenomenon known as session hijacking. It means that when a vulnerable server is in contact with your computer the system’s vulnerability can be exploited – hackers can disguise themselves as your computer and effectively take over the communication process. “Many browser-based applications store some sort of identification number linking the user to various servers. Once you can gain access to the server memory you can take that ID and plant it in other requests for information. Those who know the number and use it is identified by the server as the original user,” said Pollack.

The vulnerability could be exploited by hackers or criminals, but it could also be used for espionage. “Intelligence organizations with a lot of funding could theoretically record server activities over a period of time. I believe, for example, that the NSA has these capabilities. So far even if they could record server activities over time they couldn’t necessarily decrypt the communications. Now, because the encryption keys leaked, they can,” concluded Pollack.

An emergency patch fixing the problem does exist, although it may take a very long time to implement it in some systems. 2Bsecure experts recommend checking important services before using them.

Hat Tip: iHLS – Israel Homeland Security

_________________________________________

Get free Citizensjournal.us BULLETINS. Please patronize our advertisers (including below) to keep us publishing and/or DONATE.