03 Apr Cloudflare incident and its impact on your security systems
Cybersecurity is one of the hottest topics in the technology world right now, and events like the Cloudflare bug bring that fact into even sharper focus. According to PBS News Hour contributor Andrew Wagner, the internet services provider, Cloudflare, recently discovered that a code bug had surfaced in September 2016. The provider, which manages 10 percent of all web traffic, had been leaking passwords, cookies and other identifying information to the internet at large.
“To strengthen defenses, the first step should be for users to change passwords.”
The websites affected include Uber, OkCupid and Glassdoor, among others. While the bug was detected by an outside source and quickly fixed as soon as it came to the attention of the security team at Cloudflare, the impact could be more far-reaching than was initially thought.
The Cloudbleed conundrum
The Verge contributor Rich McCormick noted that the bug was nicknamed “Cloudbleed” in reference to the Heartbleed incident of 2014, when a similar vulnerability affected more than two-thirds of the internet. That’s no exaggeration – The Verge’s Russell Brandom noted at the time of the incident that two out of every three servers were impacted by the vulnerability in the OpenSSL software library.
The question remains, however: How do businesses secure their data in light of the Cloudflare/Cloudbleed code bug?
TechCrunch contributor Kate Conger noted that cleaning up the mess left by the code bug isn’t going to be an easy fix – some of the leaked data was cached by search engines, which made things a little messier than desired. In fact, some security researchers are still finding samples of leaked data in those caches. To strengthen defenses, Conger stated, the first step should be for users to change passwords.
“Given that sensitive data is still floating around in search engine caches, it’s a good idea to reset your account passwords and enable two-factor authentication,” Conger wrote. “You should also use a password manager to generate unique passwords for the websites you visit. Cloudflare hasn’t uncovered any evidence that the bug was discovered by anyone other than Ormandy – but it never hurts to refresh your passwords, particularly since they may be exposed in a cache.”
In addition, website administrators and businesses could force a password reset just to ensure that users are taking the proper steps to secure their accounts.
Investing in the proper security tools
In addition to beefing up security settings and changing passwords, it helps to have the right solutions on hand. The market for cybersecurity tools and solutions is projected to grow to $202.36 billion by 2021, according to MarketsandMarkets, at a compound annual growth rate of 10.6 percent beginning in 2016. According to another report published by MarketsandMarkets, by 2019 the market for cloud security solutions will be worth a total of $8.71 billion. It’s clear that organizations are aware that they need to spare no expense when it comes to the security of their computing infrastructure, and with bugs like Cloudbleed becoming more frequent, it’s more critical than ever.
The Cloudflare bug is a key example of why your business needs the best security solutions possible. By partnering with a trusted managed service provider like Pinnacle Business Systems, you can rest assured that your organization will be protected by only the best in both on-premises and cloud security. The Cloudflare bug is a key example of why your business needs the best security solutions possible. Our experts can conduct assessments of your infrastructure and help you determine the best course of action as far as security is concerned.
Get in touch with the professionals at Pinnacle for more information and to schedule your assessment today.