There can be very few comparisons between historically global IT security incidents and vulnerabilities that come anywhere near to the shadowy, anxiety-provoking spotlight that is now shining firmly on the arena of information security. The impact of the OpenSSL bug known as Heartbleed – made became public on the 7th April 2014 and officially documented as bug CVE-2014-0160 – has reached far and wide since it went public on 7th April 2014. One of the most fundamental backbones of security on the Internet has been dealt a severe confidence blow.
Trusting the Internet
Due to this crucial transport layer vulnerability that causes memory content to leak when exploited, an insurmountable amount of private keys have been exposed. While IT security teams worldwide scramble to analyse their systems and patch this bug by upgrading to OpenSSL 1.0.1g or higher, the true impact of the potential risks from retrospective exploitation that Heartbleed has presented may never fully be realised.
Confirmation of documented exploitation of the Heartbleed bug has already been made public, and even though only 64 kilobytes of data can be gained at a time, there is a very real risk that secure data can – and indeed has in many cases – been compromised.
This article has been extracted from https://bdaily.co.uk, please click on this link to read the article in full https://bdaily.co.uk/advice/28-04-2014/what-heartbleed-can-teach-businesses-about-information-security/
Montash is a multi-award winning, global IT recruitment firm. Specialising in permanent and contract positions across mid-senior appointments which cover a wide range of industry sectors and IT functions, including:
ERP, BI & Data, Information Security, IT Architecture & Strategy, Scientific Technologies, Demand IT and Business Engagement, Digital and E-commerce, Infrastructure and Service Delivery, Project and Programme Delivery.
With offices based in London, Montash has completed assignments in over 30 countries and has appointed technical professionals from board level to senior and mid-management in permanent and contract roles.
For more information please visit www.montash.com