Since 2011, the experts at internet security and IT enabled companies have severely been frustrated and threatened by this shocking IT virus named “Heartbleed”. Ever since it has emerged, it brought a great problem and threat to the security of IT Services. Heartbleed is a deadly virus which has attacked numerous HTTPS websites as well despite of being highly secured. As per the estimates, the virus has been successful in attacking 2 out of 3 web servers over Internet.
The emergence of Heartbleed appeared due to a slight mistake in programming. This programming error occurred during the development process of OpenSSL which is widely utilized software on a global platform. How does it impact a system? Heartbleed gives an open access to the attacker in getting connected with any HTTPS website further leading to access private memory upto 64KB of storage space. After a successful attack, the system automatically gets trapped in a way that it starts leaking private information with respect to email, passwords, cookies, etc… On repeated usage of Heartbleed, the hacker can cleverly avail encryption keys for breaking the HTTPS server key codes. On having a complete hold of the HTTPS website, the hacker or the attacker can easily run the website in a fake manner or can avail every personal information including emails send and received, regular password set ups, private messages, images, videos, financial details, etc…. The worst part about Heartbleed is that once it attacks the server, it is difficult for the owner to track its presence in the system.
Heartbleed is still not dead!
From quite some time Heartbleed has aggressively attacked websites like Yahoo, Facebook, LastPass and Android operating system as well. Various smartphones equipped with the Jellybean version of Android detected the presence of Heartbleed in their OS. The attackers using Heartbleed penetrate it in the Apps. Download of apps consistently gives a gateway to Heartbleed. Despite of finding a cure to eradicate it, Heartbleed is becoming all the more complicate with time. Though sources revealed its elimination from the system, yet Heartbleed has been found back.
Robert Graham, cybersecurity research analyst conducted a scanning process for 443 internet port in the beginning of April. During that time, Heartbleed was very much in news since it had attacked over 600000 systems in a short time span. He later found that around 1.5 million systems were supporting “Heartbleed”. He said, “This implies to me that the first response to the bug was to disable heartbeats, then later when people correctly patched the software, heartbeats were re-enabled.”
Supporting this thought, a California based security firm named “Sucuri Security” found the effects and future impact of Heartbleed to be threatening and worse. One of the officials of the company said, “I bet the results will be much worse on that one.”
However, the concern for Heartbleed is excessively increasing due to its malware impact on the IT Systems. It is essential to come up with a cure as soon as possible. The security and IT experts worldwide are striving to come up with a permanent cure for Heartbleed. Till then, there are some security steps which people can ensure for the basic protection in their system.