• Service: Advisory, Management Consulting, IT Advisory, Risk Consulting, Forensic, Topics, Managing Risk & Complexity
  • Industry: Technology
  • Type: Business and industry issue
  • Date: 19/05/2014

Heartbleed – Indentifying and managing the risk 

Heartbleed is a vulnerability within OpenSSL; a popular software product used by many websites and network devices to provide secure connections. The vulnerability exists due to a logic error within the OpenSSL code. This flaw allows criminals to access parts of a web server's memory that may contain sensitive information.
Heartbleed – Indentifying and managing the risk cover
Download Now
PDF files require Adobe Reader to view

Key insights

  • Heartbleed defect could expose information such as usernames and passwords, credit card information and other sensitive information
  • An estimated 20 percent of the websites on the internet run a vulnerable version of SSL
  • Criminals would require no special knowledge of you or your operations to extract the data from your server and devices
  • Anti-virus software will not detect the vulnerability nor detect exploitation of this defect as this isn't a virus.

Share this

Share this

IT Advisory

KPMG's IT Advisory group can assist organisations enhance the return from their IT investments and more effectively manage their IT risks.