Please do not leave this page until complete. This can take a few moments.
In the post-Heartbleed world, assume your online communication isn't secure unless proven otherwise.
It sounds alarmist, but it's true. Email, social media, banking -- all of it is at risk.
The Heartbleed Internet bug is particularly nasty because it's pervasive. It affects apps, hardware and websites.
Two weeks on, companies are still moving to address the bug:
Apple didn't release a firmware update for its AirPort routers until Tuesday. Dell's SonicWALL app, which lets you connect to corporate networks from home, just got patched Monday. QNAP updated the firmware for its Turbo NAS data storage centers last week. Many of Cradlepoint's 3G and 4G modems, used by businesses, weren't patched until recently.
On April 17, there were still 150 million vulnerable apps running on Android smartphones, according to cybersecurity provider FireEye. All must be updated.
"The fallout from this is likely to continue for weeks and months to come," said Tom Brennan, a computer security expert who developed a free add-on to the Firefox Web browser that detects if a website is vulnerable.
To be safe from Heartbleed, you need to know that everything you use to connect online is updated and fixed: smartphone apps, Wi-Fi routers, office servers, the websites you visit -- and their servers too.
The risk is inherent in the complicated way the Internet works. Signing into your bank might bounce you to data centers around the globe. That's why solving the Heartbleed problem is a herculean task that's largely outside of your control.
All you can do is change your passwords often -- all of them -- and update your software to the latest version. And don't trust any app, device, computer environment or website until those in charge specifically say they've patched the problem.
"At this point, the best thing the average consumer should do is simply pay close attention to vendors' notices and apply any fixes," said FireEye researcher Hui Xue. Then change all your passwords again.
But many companies aren't making it easy for you to figure it out. Banks aren't placing announcements on their website homepages to reassure customers they're safe. Information about whether routers are vulnerable -- and how to fix them -- are located deep within the websites of Apple, D-Link and Netgear.
Rick Dakin, CEO of IT department auditor Coalfire, said websites should be alerting customers, and company IT departments should be informing employees about their own company's situation.
"If you go to a website today, and they don't have a statement on Heartbleed, I would be wary," Dakin said.
It's difficult to overstate the problem. Heartbleed isn't a computer virus that automatically gets deleted by your computer's antivirus program. It's a flaw in the software devices use to talk to one another. And because these are all interconnected, it only takes one weak point to let hackers peek in. Even some versions of Symantec's Norton AntiVirus software were impacted. Bryan Harris, a researcher at analytics software maker SAS, called it "a systemic issue" with a long, uphill road ahead.
So severe are the problems with OpenSSL, the encryption software that had the Heartbleed bug, that some are ditching it entirely. A Canadian computer programmer recently created another version of it, called LibreSSL, in an attempt to simplify and clean it up.
But even if everything seems patched, we'll never know for sure, said Joe Touch, director of the Postel Center of computer research at the University of Southern California. New computer systems are often built relying on older ones which are no longer maintained.
"Like most bugs, there are some systems that will correct very quickly, some less so, some never," he said.
The Hartford Business Journal 2025 Charity Event Guide is the annual resource publication highlighting the top charity events in 2025.
Learn moreHartford Business Journal provides the top coverage of news, trends, data, politics and personalities of the area’s business community. Get the news and information you need from the award-winning writers at HBJ. Don’t miss out - subscribe today.
SubscribeDelivering vital marketplace content and context to senior decision-makers throughout Connecticut ...
All Year Long!
The Hartford Business Journal 2025 Charity Event Guide is the annual resource publication highlighting the top charity events in 2025.
Hartford Business Journal provides the top coverage of news, trends, data, politics and personalities of the area’s business community. Get the news and information you need from the award-winning writers at HBJ. Don’t miss out - subscribe today.
Delivering vital marketplace content and context to senior decision-makers throughout Connecticut ...
All Year Long!
In order to use this feature, we need some information from you. You can also login or register for a free account.
By clicking submit you are agreeing to our cookie usage and Privacy Policy
Already have an account? Login
Already have an account? Login
Want to create an account? Register
In order to use this feature, we need some information from you. You can also login or register for a free account.
By clicking submit you are agreeing to our cookie usage and Privacy Policy
Already have an account? Login
Already have an account? Login
Want to create an account? Register
This website uses cookies to ensure you get the best experience on our website. Our privacy policy
To ensure the best experience on our website, articles cannot be read without allowing cookies. Please allow cookies to continue reading. Our privacy policy
0 Comments