Photo: tsmall (flickr)
Cyber experts are calling the Hearbleed blug, which is threatening the personal information housed on millions of websites, the biggest current internet security threat.
Steve Myers, a professor of computer sciences and informatics at Indiana University, says the bug is not an act of cyber terrorism or hacking, but rather an infrastructure problem in the security code most websites use.
“This is not a virus. This is not malware,” Myers said. “It wasn’t sent out over the internet. This was sort of like a GM recall. We have a whole bunch of systems that have been deployed with something that’s not quite built right and because of that they’re all vulnerable to attack.”
What You Should Be Doing Now
Myers says internet users should not hurry to change their passwords immediately. If you do not know whether your information could have been compromised, you should change you password after taking some precautions.
You can check whether a website is corrupted by the Heartbleed Bug by typing in the URL here. If the website comes up as safe, you can log in and Myers recommends you should then change your password.
Myers says the worst course of action right now is logging on to an insecure site because hackers won’t have access to sensitive information on a site unless you log in.
Good Password Hygiene
Establishing varied, complex passwords and updating them regularly is the only way to safeguard financial and personal information on the internet, according to Myers. Below are his tips for good password “hygiene”.
- Don’t share passwords across websites.
- Create different levels of passwords. Banking and financial sites should have complex, unpredictable passwords. Save your common, easy passwords for sites without sensitive information.
- Your passwords shouldn’t contain a word.
“So you can do something like create a phrase and take the first and last letter of each word in the phrase and put those all together to create passwords,” Myers said.
ex: Dead Of Night – ddofnt
Myers encourages everyone to take this bug seriously, because at least one online service we all use has been affected by it.