Many big companies are still vulnerable to the biggest computer bug ever discovered, report says

Business Insider

The computer bug Heartbleed was discovered one year ago, but many companies and individuals are still seeing its effects, according to a new report released on Tuesday by security firm Venafi (via Fortune).


Heartbleed, which has been referred to as one of the biggest computer vulnerabilities ever discovered, was a critical flaw that enabled hackers to steal data that was considered secure, as well as the encryption keys.

This meant that servers storing sensitive data like passwords and usernames were accessible to hackers who exploited the vulnerability.


Companies have had the last twelve months to completely fix the bug, but most have not, as Venafi discovered in its audit of the Forbes Global 2000 companies affected by Heartbleed.

"3 out of 4 Global 2000 with public-facing systems vulnerable to Heartbleed are still open to breach," the report said. This means only 416 companies have fully defended themselves against the havoc Heartbleed could wreak.


It's taking companies such a long time to react because the vulnerability is so fundamental that merely patching the problem wouldn't do the trick. At the time it was discovered, security experts said that a complete overhaul would be necessary to fix the problem. Beyond patches, all keys and certificates would need to be revoked then replaced.

Most companies have not done this.

"Venafi has identified 580,000 hosts belonging to Global organizations that have not been completely remediated," writes the report.

This means that although companies may have patched the problem (in fact, every company has), they haven't performed the second and third steps of revoking and replacing all of the necessary keys. These two tasks are necessary to fend off future attacks.

"Failure to revoke the old certificate enables the attacker to use the old certificate in phishing campaigns against the organization and its customers," Venafi explains.
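The three-step remediation the article describes (patch, replace the key and certificate, revoke the old certificate) can be checked mechanically against a host inventory. The following Python is an added example written for this article, not code from Venafi or from the report; the host names, dates and certificate serials are constructed, and the inventory fields (`patched_on`, `cert_serial`, `cert_not_before`, `original_serial`) are assumed to come from your own asset database and CRL/OCSP data. It also encodes the edge case that a certificate issued before the host was patched does not count as rotated, since its key could have been generated while server memory was still readable.

```python
from dataclasses import dataclass
from datetime import date
from typing import Dict, Iterable, Optional, Set

# Public disclosure date of Heartbleed (CVE-2014-0160): 7 April 2014.
HEARTBLEED_DISCLOSED = date(2014, 4, 7)


@dataclass(frozen=True)
class HostRecord:
    """One row of a (hypothetical) asset inventory for a TLS-serving host."""
    host: str
    patched_on: Optional[date]   # day the vulnerable OpenSSL was patched; None = still unpatched
    cert_serial: str             # serial of the certificate the host serves today
    cert_not_before: date        # NotBefore of that certificate
    original_serial: str         # serial of the certificate served while the host was vulnerable


def remediation_status(rec: HostRecord, revoked_serials: Set[str]) -> str:
    """Classify one host. Full remediation needs all three steps the article lists:
    patch, replace the key/certificate after patching, and revoke the old certificate."""
    if rec.patched_on is None:
        return "unpatched"
    # A certificate issued on or before the patch date may have been generated while the
    # private key could still be read out of server memory, so it is not a real rotation.
    if rec.cert_serial == rec.original_serial or rec.cert_not_before <= rec.patched_on:
        return "patched_key_not_rotated"
    # Replacing the certificate is not enough while the old one is still valid for phishing.
    if rec.original_serial not in revoked_serials:
        return "rotated_old_cert_not_revoked"
    return "remediated"


def summarize(records: Iterable[HostRecord], revoked_serials: Set[str]) -> Dict[str, int]:
    """Count hosts per remediation state, the way an audit report would tabulate them."""
    counts: Dict[str, int] = {}
    for rec in records:
        status = remediation_status(rec, revoked_serials)
        counts[status] = counts.get(status, 0) + 1
    return counts


# Constructed sample inventory (host names, dates and serials are made up for this example).
SAMPLE_HOSTS = [
    HostRecord("web1.example.test", date(2014, 4, 9), "01A7", date(2014, 5, 2), "00F3"),
    HostRecord("web2.example.test", date(2014, 4, 9), "00F3", date(2013, 11, 1), "00F3"),
    HostRecord("web3.example.test", date(2014, 4, 20), "02B1", date(2014, 4, 15), "0081"),
    HostRecord("web4.example.test", None, "0099", date(2013, 6, 30), "0099"),
    HostRecord("web5.example.test", date(2014, 4, 10), "03C4", date(2014, 6, 1), "0150"),
]
# Constructed revocation data: serials a CRL or OCSP responder reports as revoked.
SAMPLE_REVOKED = {"00F3", "0122"}

if __name__ == "__main__":
    for rec in SAMPLE_HOSTS:
        print(f"{rec.host:20} {remediation_status(rec, SAMPLE_REVOKED)}")
    print(summarize(SAMPLE_HOSTS, SAMPLE_REVOKED))
```

Of the five constructed hosts only `web1` comes out as remediated; `web3` illustrates the subtle failure mode, where a new certificate was issued five days before the patch landed, so the inventory shows a fresh serial even though the replacement key was itself exposed.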


In short, unless all bases are covered, attackers can still attack these companies and gain access to this private data.
