Australia

Details

  • Service: Advisory, Management Consulting, Technology Advisory, Technology Risk & Assurance, Risk Consulting, Forensic, Topics, Managing Risk & Complexity
  • Industry: Technology
  • Type: Business and industry issue
  • Date: 19/05/2014

Heartbleed – Indentifying and managing the risk 

Heartbleed is a vulnerability within OpenSSL; a popular software product used by many websites and network devices to provide secure connections. The vulnerability exists due to a logic error within the OpenSSL code. This flaw allows criminals to access parts of a web server's memory that may contain sensitive information.
Heartbleed – Indentifying and managing the risk cover
Download Now
PDF files require Adobe Reader to view

Key insights

  • Heartbleed defect could expose information such as usernames and passwords, credit card information and other sensitive information
  • An estimated 20 percent of the websites on the internet run a vulnerable version of SSL
  • Criminals would require no special knowledge of you or your operations to extract the data from your server and devices
  • Anti-virus software will not detect the vulnerability nor detect exploitation of this defect as this isn't a virus.
 

Share this

Share this

Technology

We help our clients make choices that achieve growth and better understand and manage the challenges and opportunities inherent in technology.