Skip to main content
banner image
venafi logo

Think You’re Done Remediating Heartbleed? Think Again!

Think You’re Done Remediating Heartbleed? Think Again!

June 19, 2014 | Gavin Hill

OpenSSL has been highly publicized in the last few months—at least for the long standing bugs that have resulted in the complete breakdown of trust in the Internet and the way we do business!

Of the last 6 bugs patched in OpenSSL the most noteworthy are Heartbleed, Cupid, and OpenSSL CCS injection:

  • Heartbleed enables an attacker to steal private keys and other sensitive credentials.
  • Cupid takes advantage of the Heartbleed flaw in TLS over the Extensible Authentication Protocol (EAP) to attack vulnerable clients connecting to a wireless network or to attack vulnerable wireless access points. The result is similar to that of Heartbleed.
  • OpenSSL CCS injection is exploited by an attacker using crafted handshakes to force weak key material to be used between a client and server to perform a man-in-the-middle (MITM) attack.

It would seem from the recent examples that attackers are more brazenly using SSL / TLS against organizations with great success. We need to ask ourselves why. I believe we can answer this question by simply reviewing the response that most organizations have taken to remediate Heartbleed and evaluate where they are now.

Venafi Labs frequently analyzes the websites of the Global 2000 organizations and the Alexa Top 1 Million to identify SSL / TLS vulnerabilities. We have found that although many organizations believe they are not susceptible to Heartbleed anymore, the data shows otherwise.

As part of our analysis for Heartbleed we first compared scanning results with previously published Heartbleed vulnerable lists from ZMAP and Github. It was pleasant to see that most domains listed on these repositories have remediated correctly. However, there are a large number of organizations that are not included on the lists and are still vulnerable. Our scan data specifically focuses on Global 2000 organizations to better understand how successful they have been at remediating Heartbleed.

Even though most Global 2000 organizations have taken steps to remediate Heartbleed, many have not fully remediated. When comparing the organizations that have correctly remediated, it would seem that discount stores took the Target breach to heart. They account for 9% that achieved full remediation of systems from the sample set.

Global 2000 industries which remediated heartbleed

On the other hand, telecommunications services have a long way to go to remediate Heartbleed. They are responsible for 41% of the confirmed Heartbleed vulnerable systems from the Global 2000 scan. Think of the wealth of information that cybercriminals are still syphoning off these vulnerable systems from Telecommunications services’ customers!

G2000 industries still vulnerable to heartbleeda

Heartbleed has been known to the world for 10 weeks now. Yet we still see evidence of thousands of systems susceptible to Heartbleed that have not even been patched yet. Venafi Labs will periodically publish updated information on organizations’ effectiveness with remediating the Heartbleed vulnerability based on our analysis of trust-based attacks.

Learn how Venafi can help identify systems susceptible to Heartbleed and the required remediation.

Like this blog? We think you will love this.
Featured Blog

What Is IP Spoofing?

What is IP Spoofing?

Read More
Subscribe to our Weekly Blog Updates!

Join thousands of other security professionals

Get top blogs delivered to your inbox every week

See Popular Tags

You might also like

TLS Machine Identity Management for Dummies

TLS Machine Identity Management for Dummies

Certificate-Related Outages Continue to Plague Organizations
White Paper

CIO Study: Certificate-Related Outages Continue to Plague Organizations

About the author

get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon
Venafi Risk assessment Form Image

Sign up for Venafi Cloud

Venafi Cloud manages and protects certificates

* Please fill in this field Please enter valid email address
* Please fill in this field Password must be
At least 8 characters long
At least one digit
At last one lowercase letter
At least one uppercase letter
At least one special character
* Please fill in this field
* Please fill in this field
* Please fill in this field

End User License Agreement needs to be viewed and accepted

Already have an account? Login Here

get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more