What information can you get with a Heartbleed attack?
The Heartbleed attack works by tricking servers into leaking information stored in their memory. So any information handled by web servers is potentially vulnerable. That includes passwords, credit card numbers, medical records, and the contents of private email or social media messages.Attackers can also get access to a server's private encryption key. That could allow the attacker to unscramble any private messages sent to the server and even impersonate the server.
Who might take advantage of the Heartbleed Bug?
Broadly speaking, there are two groups of people who might take advantage of Heartbleed: criminals and intelligence agencies.For criminals, the most likely goal of a Heartbleed attack would be identity theft. By capturing a user's passwords, credit card numbers, and other credentials, the criminal could impersonate the user and engage in fraudulent financial transactions.
Intelligence agencies might have much broader goals. The US National Security Agency and its counterparts in Russia, China, and other world powers are constantly looking for opportunities to compromise the communications of military and civilian targets alike. Bloomberg has reported that the NSA discovered the Heartbleed Bug at least two years ago and "regularly used it to gather critical intelligence." The NSA has denied this claim.
The NSA is particularly well-positioned to take advantage of a vulnerability like Heartbleed because it has secret agreements with major internet service providers allowing it to intercept traffic as it flows through the internet backbone. If the agency used a Heartbleed attack to obtain a site's encryption keys, then it could intercept all of the site's communications even though the site was using SSL.
No comments:
Post a Comment