By now, you've probably all heard of the Heartbleed Bug and how it has affected approximately two-thirds of the Internet. If you haven't, you've been living under a rock.
Named for the way it weakens the "heartbleed extension" of the transport layer security protocols (TLS/DTLS) in the popular OpenSSL data encryption software, the Heartbleed Bug, has affected nearly 66 percent of all websites on the Internet including Yahoo. First discovered by the security team at Google, the Heartbleed Bug poses one of the biggest Internet security breaches in history.
What does it mean?
It means that brand websites, social media pages, business bank accounts and e-commerce sites could be at risk! The flaw gives hackers the ability to find usernames, passwords, previously uploaded content, and large amounts of important data originally deemed safe. The bug also gives hackers access to encryption keys, which means they can read encrypted data.
According to Codenomicon, another firm that caught the vulnerability flaw, says that most websites will be either directly or indirectly affected. "OpenSSL is the most popular open source cryptographic library and TLS (transport layer security) implementation used to encrypt traffic on the Internet. Your popular social site, your company's site, commercial site, hobby site, sites you install software from or even sites run by your government might be using vulnerable OpenSSL."
3 Tips to Help Protect Your Website
The best way to ensure your website is no longer affected, it's best to take all precautions. Whether your site has been compromised or not, this is a big lesson on the importance of securing your digital assets.
- Check if your website is vulnerable. Use the Heartbleed checker, created by Codenomicon to see if your website could have been compromised. If it is, contact your Web hosting service provider to see if Fixed OpenSSL is available and install it.
- Change all passwords. It's a good time to change all your passwords, even on social media accounts. Make sure passwords are over 8 characters. Use both uppercase and lowercase letters, numbers and special characters to make sure they are strong. Make sure you use separate passwords for each account. Using the same password for multiple websites could make it easier for hackers to login to other accounts. Don't forget to also keep password recovery options up to date. Whether it's an emergency e-mail, security question or phone number, make sure all information is recent.
- Upgrade security strength. There are many security software programs that help to encrypt your data. Make sure if you have these security programs that they are all updated. It's extremely important for brands, e-commerce sites and online marketing companies to ensure they have the best cyber security software available.