April 18, 2014
There has been a lot of news around an Internet vulnerability called Heartbleed that was recently discovered. Without getting into too much technical detail, this basically caused many websites to possibly expose the personal information people submitted to those sites. This includes shopping sites, social networks, email services, music streaming services, and gaming sites, because many of the world’s websites use the same technology that was impacted.
Whenever an event like this happens, it’s a great opportunity to talk to your kids about sharing and guarding personal information online. First find out more about it yourself. Then share what you know and remind them that when we share information online, there is always a risk of it getting into someone else’s hands, either because they did something or because we may not have protected it as much as possible.
A Few Facts
What we know is that this vulnerability has been around for at least 2 years, 66% of websites use the technology impacted by this bug, but not all of them were considered vulnerable by our researchers as of April 8, 2014. Many organizations have been checking the servers hosting their websites and if they were vulnerable to the bug, are fixing it. We also know that if you use a site that is now fixed, you should be ok to use it.
What we don’t know is how long a particular website might have been exposing people’s personal information, such as user names, passwords, credit cards, phone numbers and home addresses. We also don’t know how many people with bad intentions may have gotten access to that information while the window for them to access it through this bug was open.
Today, the first arrest related to the Heartbleed bug was made in Canada. A person there was arrested and accused of hacking a government website and stealing 900 social insurance numbers. It is possible we are only at the beginning of discovering how far and wide the impact of the Heartbleed bug is.
Good Habits for Kids
Here are some some good online habits you can help your kids develop:
- Use just a few sites so they can manage them and check them more often. Too many sites means too many places that their email address, passwords, and other personal information is scattered throughout the web.
- Use strong passwords and change them often.
- Use the strongest privacy settings possible.
- Be a minimalist. Only share what you have to share.
- Assume anything you do online is public, and never private or anonymous.
Dealing with Heartbleed
Here are a few things you and your kids can do to lower your risk of having personal information exposed and potentially in the hands of people you don’t want having it because of the Heartbleed vulnerability:
- Check the websites you use each time you use them against the Trend Micro Heartbleed Detector, which you can download from the Google Chrome webstore . Launch the Chrome browser on your Mac or Windows PC. Go to the Chrome webstore to download the tool. Once you download the tool, hit the Chrome App launcher icon and open the Heartbleed Detector. Just enter a website address and hit “Check Now” to see if the site is ok.
- If the site is ok, go to your account and change your passwords and other personal information that you feel may have been at risk.
- Check your bank statements regularly for unusual purchases.
- Change your passwords regularly.
- For social networks & email addresses, check your “sent” boxes to make sure nobody is sending email from your account without your knowledge. If they are, consider changing your password to the account and reporting the malicious behavior to the service.
- If you have an Android phone or mobile device, you can also check if any apps or apps that connect to websites are Heartbleed safe. You can download the Trend Micro Heartbleed Detector App on the Google Play store.
Events like Heartbleed are always great opportunities to talk to your kids about safe, responsible Internet use. Use every chance you can to keep the communication going and remember to set a good example yourself to help kids be the best digital citizens they can be.
If you’d like to read more about the technical details of Heartbleed, go here.
If you have a website and are concerned about what to do, find out more here .