The painful network security vulnerability known as Heartbleed, which crippled much of the Internet, seems like a distant memory to some; however, there are still 318,000 servers vulnerable to this OpenSSL bug. What is even more alarming is the unknown, as this number accounts only for the verified cases.
Internet data centers (IDCs), cloud hosting facilities and Internet service providers (ISPs) need, now more than ever, to prepare themselves to face the consequences of such vulnerabilities head on. In doing so, they protect their own brand names, service reputations and assets, as well as those of their customers.
Heartbleed: The Overview
Heartbleed is a security bug in the open-source OpenSSL cryptography library, which is widely used to implement the Internet's Transport Layer Security (TLS) protocol. It enables Internet users to access data stored by the systems that are protected by the exposed versions of the OpenSSL software.
It was a well-defined, easily accessible path to highly desirable data. Hackers were able to manipulate the OpenSSL TLS Heartbeat Extension protocol in a range of OpenSSL versions to obtain user and server information. As a result, customer passwords, cookies and licenses were compromised. Alarmingly, hackers could also use acquired secret keys to listen in on communications, stealing data from service providers by impersonating both users and service providers.
Even more shocking, the Heartbleed vulnerability had existed for over two years before it was disclosed, leaving the extent of the damage unknown. Moreover, exploiting it leaves no trace behind, which prevents users from accurately gauging or tracking the effects of an attack.
The OpenSSL TLS Heartbeat Extension implementation blindly trusted the payload length field in the incoming heartbeat message. In other words, the code never checked the declared length against the amount of data actually received from the peer (a missing bounds check), so when it built the reply it copied the declared number of bytes from memory regardless of how many had been sent. This allows disclosure of up to 64K of memory to any connected network client or server, so any sensitive information held in that memory can also be exposed.
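The paragraph above describes the defect as a missing bounds check between the length a peer declares and the bytes it actually sends. The following C program is an added illustration written for this article, not OpenSSL's code: it builds a HeartbeatResponse only after confirming the declared payload length (plus the mandatory padding) fits inside the received record, which is the check the patched versions perform, and it silently discards a record that declares more than it carries. The record layout (type byte, 2-byte big-endian length, payload, 16 bytes of padding) follows RFC 6520; the helper function names and the sample request values are constructed for the demo.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Heartbeat message layout per RFC 6520:
   type(1) | payload_length(2, big-endian) | payload | padding(>=16).
   Constants and helpers below are constructed for this demo, not OpenSSL's. */
#define HB_REQUEST  1
#define HB_RESPONSE 2
#define HB_PADDING  16
#define HB_HEADER   3   /* type byte plus 2-byte length field */

/* Build a HeartbeatResponse for the record rec[0..rec_len).
   Returns the number of bytes written to out, or 0 if the record is rejected.
   The comparison against rec_len is the check the vulnerable versions lacked. */
size_t heartbeat_response(const unsigned char *rec, size_t rec_len,
                          unsigned char *out, size_t out_cap)
{
    if (rec_len < HB_HEADER + HB_PADDING) return 0;      /* too short to be valid */
    if (rec[0] != HB_REQUEST) return 0;

    size_t payload_len = ((size_t)rec[1] << 8) | rec[2];  /* peer-supplied, untrusted */

    /* Bounds check: declared payload plus padding must fit inside the bytes
       actually received. Without this line the memcpy below would read
       payload_len bytes starting at rec + 3, running past the record. */
    if (HB_HEADER + payload_len + HB_PADDING > rec_len) return 0;

    size_t resp_len = HB_HEADER + payload_len + HB_PADDING;
    if (resp_len > out_cap) return 0;

    out[0] = HB_RESPONSE;
    out[1] = (unsigned char)(payload_len >> 8);
    out[2] = (unsigned char)(payload_len & 0xff);
    memcpy(out + HB_HEADER, rec + HB_HEADER, payload_len);  /* echo only what arrived */
    memset(out + HB_HEADER + payload_len, 0, HB_PADDING);   /* random in real TLS; zero here */
    return resp_len;
}

/* Assemble a demo HeartbeatRequest carrying actual_len payload bytes while
   declaring declared_len in the length field (the two may differ on purpose). */
size_t make_request(unsigned char *buf, size_t cap, const char *payload,
                    size_t actual_len, uint16_t declared_len)
{
    size_t total = HB_HEADER + actual_len + HB_PADDING;
    if (total > cap) return 0;
    buf[0] = HB_REQUEST;
    buf[1] = (unsigned char)(declared_len >> 8);
    buf[2] = (unsigned char)(declared_len & 0xff);
    memcpy(buf + HB_HEADER, payload, actual_len);
    memset(buf + HB_HEADER + actual_len, 0, HB_PADDING);
    return total;
}

int main(void)
{
    unsigned char req[128], resp[128];

    /* Honest request: declares the 5 bytes it actually carries. */
    size_t n = make_request(req, sizeof req, "hello", 5, 5);
    size_t r = heartbeat_response(req, n, resp, sizeof resp);
    printf("honest request: response of %zu bytes\n", r);   /* 3 + 5 + 16 = 24 */

    /* Malformed request: carries 5 bytes but declares 65535. A handler that
       trusted the field would copy ~64K from beyond the record; this one discards it. */
    n = make_request(req, sizeof req, "hello", 5, 65535);
    r = heartbeat_response(req, n, resp, sizeof resp);
    printf("oversized declared length: %s\n", r == 0 ? "rejected" : "accepted");
    return 0;
}
```

The important design point is that the receive path must never derive a copy length from a peer-controlled field alone; the field is validated against the size of the record that actually arrived before any memory is touched, and a mismatch results in the record being dropped rather than answered.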
Staying Ahead of Heartbleed: 7 Steps
Best practices suggest that affected websites hosting highly sensitive information in user accounts, along with IDCs, cloud hosting facilities and ISPs, should apply additional risk controls and take this opportunity to educate users on ways to overcome this vulnerability.
Here are seven tips that can be applied to safeguard your brand and educate your customers:
Moving Forward
Protecting the business brand is key for every organization, especially as competition continues to increase. Data centers and hosting providers are no different; however, they are tasked not only with securing their own brand reputation but also their customers' assets.
Today, many solutions can be incorporated into existing service offerings. IDCs, ISPs and hosting providers can now offer network security solutions as part of their services, such as "scrubbing centers" that help mitigate events such as Heartbleed and DDoS attacks.
By adopting new tactics to improve the customer experience and increase market reach, hosting providers are better able to secure assets of all kinds, and perhaps produce alternative revenue streams at the same time.
About the Author: Liejun Wang, Senior Researcher in the Core Technology Division at NSFOCUS, has over 14 years of experience in the network security field. Wang specializes in vulnerability analysis, intrusion prevention and detection, and vulnerability assessment related to core network security, attack analysis and defense technology. Wang provides ongoing security consulting and support for the Intrusion Prevention System (IPS) and remote security assessment products at NSFOCUS.