How to Protect Yourself from the Heartbleed Security Virus
News of yet another alarming lapse in Internet security has left millions of people wondering what they can do to protect their passwords, credit card numbers and other sensitive data. The security bug known as βHeartbleedβ affects the encryption technology OpenSSL, which is used by about two-thirds of Web servers to protect online accounts for email, instant messaging and electronic commerce. OpenSSL is a variant of SSL/TLS encryption, denoted by the little padlock symbol and βhttps:β on Web browsers to signify that traffic is secure.
The flaw makes it possible for hackers to snoop on Internet traffic despite the supposedly secure padlock, without leaving a trail, so website owners and users wouldnβt even realize the theft had occurred. Computer security experts offered the following advice for users concerned about the breach:
Change Your Online Passwords β All of Them
βI would change every password everywhere because itβs possible something was sniffed out,β said Wolfgang Kandek, chief technology officer for Qualys, a maker of security-analysis software. Choose a secure password. Donβt use common words or a string of consecutive numbers. Experts recommend passwords be at least eight characters long, using a combination of letters, numbers and symbols. Avoid using the same user name and password for multiple sites.
Make Sure Web Services You Use Have Updated Their Security
Changing your passwords wonβt do any good, experts explained, until the affected Web services install software to fix the problem. They would then need to alert their users to the potential risks, and let them know when the Heartbleed fix has been installed so they can change their passwords.
Fortunately, βmany of the biggest and most important services have already been patched and fixed,β Mandiant Security senior consultant William Ballenthin tells CBS News. βIβve already received notices from Google and Amazon and Yahoo that they identified the issue last week and theyβve already fixed it.β
CNET reports that other major Web services, including Facebook, Google and Twitter, did not appear to be compromised β but as Chartier points out, itβs hard to know for sure.
Keep An Eye On Your Credit Card Statements
Just in case your data was breached, check your financial statements and report any suspicious activity to your credit card company.
Be Cautious of Smaller Websites
Despite the worries raised by the Heartbleed bug, Codenomicon said many large consumer sites arenβt likely to be affected because of their βconservative choiceβ of equipment and software. βIronically, smaller and more progressive services or those who have upgraded to (the) latest and best encryption will be affected most,β the security firm said in a blog post. Although it may take months for smaller sites to install the Heartbleed fix, Chartier predicts all the major Internet services will act quickly to protect their reputations.
For any business that uses security and privacy, undoubtedly the insurance coverage should be as comprehensive and reliable as possible. At BB Insurance Marketing, we want to do more than earn your business; we want to earn your trust. We can save you up to 37% on your business insurance, including cyber liability coverage. Contact us to learn more about our Florida insurance solutions and cyber liability coverage or fill out our quick quote form and get a free quote today!