Skip to main content

Newsroom

April 11, 2014

Banks urged to act over ‘Heartbleed’ bug

“A US regulator has warned that cyber criminals could be impersonating bank services or stealing users’ online banking passwords after the “Heartbleed” bug, called one of the most significant breaches of internet security ever, was discovered in the software used to secure two-thirds of the web.”

“The Federal Financial Institutions Examination Council said on Thursday that banks using the Open SSL software should take steps to protect themselves by upgrading the software as soon as possible to address the vulnerability.”

“The regulator also suggested that financial institutions should consider replacing all the private keys for each service, which hackers could have stolen and used to access confidential information. Banks relying on third parties should also ensure their providers took action, it said.”

“A significant vulnerability has been found in OpenSSL that could allow an attacker to decrypt, spoof, or perform attacks on network communications that would otherwise be protected by encryption,” it said in a statement.

“Attackers could potentially impersonate bank services or users, steal login credentials, access sensitive email or gain access to internal networks. Potential attacks are made feasible by the public availability of exploitation tools.”

“The Heartbleed bug may have allowed cyber criminals to access anything stored in a computer’s short-term memory, from user passwords to intellectual property.”

“It is not known if hackers exploited the vulnerability before it was discovered by a group of security researchers last week. But since it was announced on Monday, experts have said cyber criminals will be racing to find which sites are still vulnerable because they have not updated their software.”

***

Read full Financial Times article here.

In the News
Share

MEDIA REQUESTS

For media inquiries, please contact us at
press@bettermarkets.org or 202-618-6433.

Contact Us

For media inquiries, please contact press@bettermarkets.org or 202-618-6433.

To sign up for our email newsletter, please visit this page.

Name(Required)
This field is for validation purposes and should be left unchanged.

Sign Up — Stay Informed With Our Monthly Newsletter

This field is for validation purposes and should be left unchanged.

For media inquiries,

please contact press@bettermarkets.org or 202-618-6433.

Donate

Help us fight for the public interest in our financial markets, protecting Main Street from Wall Street and avoiding another costly financial collapse and economic crisis, by making a donation today.

Donate Today