• 04/16/2014
    12:34 PM
  • Rating: 
    0 votes
    Vote up!
    Vote down!

Heartbleed's Network Effect

The crypto bug likely will have a long-lasting impact on internal servers, clients, and VPN networks.
It's been one week since the massive Heartbleed flaw was disclosed publicly and websites began frantically patching, but the potential danger of the bug being used to hack into businesses' internal networks and steal their data could last for years to come.

The attention initially focused on patching public-facing websites and protecting user credentials from Heartbleed, as well as sites' digital certificates. But the long-term ramifications of the Heartbleed encryption flaw in the widely deployed open-source OpenSSL library are slowly coming into focus: how cyberspies and sophisticated cybercrime gangs can or already have used the bug to infiltrate an organization's intranet servers, network devices, client machines, and VPN servers in order to steal valuable data.

"The immediate focus should have been on the perimeter and external websites. But the long-term devastation and real cost is from the internal [network] perspective," says Rob Seger, distinguished engineer at Palo Alto Networks. "Being able to steal all the data carte blanche is, in my opinion, a more lasting and negative" outcome of Heartbleed.

Click here to read the full story on Dark Reading.


re: Heartbleed's Network Effect

Tyson, what kind of feedback are you hearing from your customers using this tool? Are they finding much evidence of attacks due to Heartbleed? 

re: Heartbleed's Network Effect

Hi Susan,

Yes, our customers have definitely seen attempted exploits from all around the world. The geomap at the bottom of the post I linked to earlier shows heartbeat requests coming from different cities in Russia and China, and that was taken just a couple days after the bug was publicized. If you would like to speak with one of our customers about this, we can try to set you up. Our PR person is rachel-at-extrahop-dot-com. 

how bad was it?

It's been about a month since the Heartbleed vulnerability was disclosed. I'm curious how much work it created for network pros. Did it require a lot of patching and checking devices for the bug? Is the work still going on?