Bill Gertz

It is common wisdom in the cyber security world that the Internet is a lawless environment. The Heartbleed bug announced last week reveals why. 
 
A widely used Internet security encryption system known as OpenSSL wasn’t attacked or had its security code broken by the Chinese or Russian intelligence services. Instead sophisticated computer hackers likely discovered and used a software flaw in the encryption software that protects secure exchanges of data between users on the Internet. 
 
As a result of a simple coding glitch, malicious hackers — criminals seeking bank account passwords or nation states engaged in online espionage — can steal extremely valuable computer security data– and do so clandestinely. 
 
The discovery of Heartbleed April 7 triggered international security alerts among both governments and the financial and other private sectors. 
 
The Department of Homeland Security on April 11, warned banks and other business to watch out for attacks using Heartbleed. DHS stated in an advisory that Heartbleed can affect websites, email and instant messaging and “can potentially impact Internet logins and personal information online by undermining the encryption process.” 
 

SEE COMPLETE TEXT

  Background-Brief.com, Heartbleed cracks secure access web sites, jeopardizing governments, private sector