The Impact of Heartbleed

SSL Reviews
Posted by SSL Reviews

Summary

The Heartbleed security exploit is one of the major security vulnerabilities and the widely used encryption programs, Secure Socket Layer (SSL), on the Web.

Impact of Heartbleed

  • About 39 percent of Web users took steps to protect their online accounts after they learned about online security issues. They did so changing their passwords or terminating the accounts.
  • Twenty-nine percent of them strongly believe their personal data was put at risk because of Heartbleed exploit.
  • While 6 percent of users believe their personal data was stolen.
  • Around 64 percent of adults have said they had heard about the exploit, 41 percent said they heard very little about it, and 19 percent said they had heard a lot about it.
  • Following Edward Snowden’s revelations, 51 percent of U.S. citizens said they had heard about a lot about the leaks, while 35 percent said they had heard very little about the story.
  • Web users, in general, have mixed views about the safety of their personal data online. About 46 percent feel their data is somewhat secure, 26 percent said it is not too secure, 23 percent felt it was very secure, and 5 percent said they have no clue about it.
  • About 77 percent of college students were aware of the Heartbleed exploit, while 75 percent of those living with high-levels of earning said they had heard about it.

The Rise of Heartbleed

In April 2014, the revelation of Heartbleed flaw in OpenSSL program was a major story because of the very nature of the vulnerability. The bug allowed cybercriminals to intercept encrypted information affecting the large size of the population. Personal information such as usernames, passwords, credit/debit card details, and other sensitive data was compromised by Heartbleed.

Around 500,000 sites use OpenSSL to allow users to have secure interactions. Some of the big names include Google, Yahoo, Wikipedia, Facebook, and YouTube. Further, the exploit went unnoticed for two years.

OpenSSL’s open-source nature made it available for free to corporates that wanted a dignified and an easy way to allow users of their websites to conduct encrypted interactions with the websites.

Moreover, the program was primarily designed by volunteer coders. Security experts suggested users change their passwords or cancel online accounts if they felt they were vulnerable.

Precautionary Steps

  • About 48 percent of Web users with a college education either changed their password or deleted an online account.
  • Around 31 percent of users with a high-school education or less and 40 percent of those who attended some college did the same.

Who Feels Safe and Unsafe

  • About 84 percent of African Americans using the Web feel more confident about the safety of their online accounts.
  • Around 55 percent Hispanics are not so confident about the same, while 70 percent of the whites who use the Web fall in the middle.
Tags: