iPoint Insights (blog)

What is Heartbleed and Should You Be Worried About It?

Related Insights

Remote Backup disaster Recovery

Remote Backup disaster Recovery

Remote backup disaster recovery includes a few different moving pieces. The first is remote backups – this essentially means a company that provides networking services, such as iPoint Technologies, routinely makes copies of your company’s most significant data, and then stores those copies on a server that is located somewhere far away from your office. That way, if a disaster occurs – such as a wildfire, or one of your employees clicks on a suspicious link that downloads a ton of ransomware onto your servers, and suddenly you cannot access any business information unless you pay a huge ransom to strangers over the internet – your company’s information is safe and can be recovered! (Take that, fraudsters!)

by | Apr 16, 2014 | Networking

Unless you have been living under a rock for the last week and a half, you have probably heard about Heartbleed. In case you don’t know what Heartbleed is, it is not a virus or attack like many people think it is. Heartbleed is essentially a bug that was discovered that took advantage of the way data is stored in computer memory. It allowed anyone to collect strings of information, which can include security information like usernames, passwords, security questions, even traffic data. XKCD has a great comic visualizing how the Heartbleed bug works.

Why this is a serious problem?

There have been many bugs and viruses that make national headlines over the years. Heartbleed is so significant because it affects OpenSSL which about two-thirds of the internet runs on.  This means that almost ten thousands sites were compromised, including large sites like Yahoo. If you used a site that had this compromise, anyone could have gained access to your personal information. Mobile apps have also been affected as well.

If you find out that your favorite site is at risk, changing your password immediately might not be enough. Until the website patches the problem, your new password will also be at risk. While a patch has been made available, the security gap was open for almost two years. Mashable has a list of sites that you will want to change your password for right now.

Overall, Heartbleed was a significant security hole. In fact, it was probably the largest internet security lapse so far. It was very widespread and it is likely that almost everybody had some account linked to a compromised site. This is why it is imperative that you change your passwords on all affected sites after they patched their server.