Heartbleed fixes could slow internet to a crawl

Security experts warn companies rushing to fix vulnerabilities will cause internet to slow down

A mouse cursor hovering over a web page url bar

Web users could see a drastic reduction in internet speeds, as companies across the globe rush out fixes for the Heartbleed bug.

According to security experts quoted in the Washington Post, with companies all rushing to patch holes at the same time, this could have a significant impact on network speeds.

Jason Healey, a cybersecurity scholar at the Washington-based Atlantic Council, explained to the publication: "Imagine if we found out all at once that all the doors everybody uses are all vulnerable they can all get broken into. The kinds of bad things it enables is largely limited only by the imagination of the bad guys."

This week, it was revealed the OpenSSL vulnerability could be used by hackers to create fake websites, mimicking genuine gateways, encouraging customers to enter their personal data, passwords and usernames. Hackers can use this data, posing a much bigger risk than previously realised.

It also means hackers can steal security certificates, making the fake websites appear to be real and overwhelming the secure website system.

Healey said because it's such a serious problem, there's a huge amount of work involved to fix this aspect of the bug and internet speeds could down noticeably.

Experts claim the Heartbleed vulnerability has been sitting silently in hibernation for more than two years and - although it doesn't seem as though anyone has used it in a malicious way - it has forced thousands of internet users to change their passwords.

BlackBerry and Google have already announced they are working on a solution to protect their users from the vulnerability in mobile browswers. Google said only devices running on Android 4.1.1 Jelly Bean are vulnerable, while blackBerry assured users only a couple of its features were exposed to Heartbleed, including BBM and Secure Work Space email.

Codonomicon discovered the vulnerability last week and said: "Your popular social site, your company's site, commerce site, hobby site, site you install software from or even sites run by your government might be using vulnerable OpenSSL...Many of online services [sic] use TLS to identify themselves to you and to protect your privacy and transactions."

Featured Resources

Shining light on new 'cool' cloud technologies and their drawbacks

IONOS Cloud Up! Summit, Cloud Technology Session with Russell Barley

Watch now

Build mobile and web apps faster

Three proven tips to accelerate modern app development

Free download

Reduce the carbon footprint of IT operations up to 88%

A carbon reduction opportunity

Free Download

Comparing serverless and server-based technologies

Determining the total cost of ownership

Free download

Recommended

Gmail vs Outlook.com: Which one is better?
email providers

Gmail vs Outlook.com: Which one is better?

26 Nov 2021
Compromised Google Cloud Platform instances are riddled with cryptominers
cloud computing

Compromised Google Cloud Platform instances are riddled with cryptominers

26 Nov 2021
Podcast transcript: Can the US take on big tech?
Policy & legislation

Podcast transcript: Can the US take on big tech?

19 Nov 2021
The IT Pro Podcast: Can the US take on big tech?
Policy & legislation

The IT Pro Podcast: Can the US take on big tech?

19 Nov 2021

Most Popular

What should you really be asking about your remote access software?
Sponsored

What should you really be asking about your remote access software?

17 Nov 2021
What are the pros and cons of AI?
machine learning

What are the pros and cons of AI?

30 Nov 2021
What is single sign-on (SSO)?
single sign-on (SSO)

What is single sign-on (SSO)?

2 Dec 2021