rediff.com

NewsApp (Free)

Read news as it happens
Download NewsApp

Available on  

Rediff News  All News 
Rediff.com  » Business » US govt says hackers trying to exploit 'Heartbleed' bug

US govt says hackers trying to exploit 'Heartbleed' bug

April 12, 2014 08:38 IST

The US government warned on Friday that hackers are attempting to exploit the 'Heartbleed' bug in targeted attacks by scanning networks to see if they are vulnerable.

It asked organisations to report any Heartbleed-related attacks to the Department of Homeland Security, on a website that it uses to advise critical infrastructure operators about emerging cyber threats.

Larry Zelvin, a Department of Homeland Security official who runs an agency centre that monitors and responds to emerging cyber threats, said separately in a blog post early Friday that DHS was working with federal, state and local governments to uncover and mitigate any potential threats.

"While there have not been any reported attacks or malicious incidents involving this particular vulnerability at this time, it is still possible that malicious actors in cyberspace could exploit unpatched systems," said Zelvin, director of the National Cybersecurity and Communications Integration Centre.

The widespread bug surfaced late on Monday, when it was disclosed that a pernicious flaw in a widely used web encryption programme known as OpenSSL opened hundreds of thousands of websites to data theft.

Now, technology companies are rushing to identify pieces of vulnerable OpenSSL code elsewhere, including email servers, ordinary PCs, phones and even security products.

Companies including Cisco Systems Inc and Intel Corp have rushed to push out updates to protect against the threat, warning customers they may be at risk.

Source:
© Copyright 2014 Reuters Limited. All rights reserved. Republication or redistribution of Reuters content, including by framing or similar means, is expressly prohibited without the prior written consent of Reuters. Reuters shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.