UNL networks are being scanned to identify and remedy potential Heartbleed Bug vulnerabilities, Rick Haugerud, director of IT security, said April 9. Network activity also is being monitored for any Heartbleed traffic to or from campus servers.
The bug is a vulnerability in a piece of the software that a majority of secure websites (those that start with “https”) use to encrypt personal and sensitive information in an attempt to secure it. The Heartbleed Bug has been in existence for more than two years, but was only recently identified by security firms. When exploited, the bug allows hackers to bypass the encryption and view protected communications, including personal information like usernames and passwords.
The security team with Information Technology Services is scanning all UNL networks in an attempt to identify potentially vulnerable systems. Intrusion Prevention Systems are also being monitored for signs of active exploit attempts.
ITS will contact campus system administrators to provide information about vulnerable systems and to communicate steps that need to be taken to eliminate the vulnerabilities. The team will also encourage the replacement of any Secure Sockets Layer (SSL) certificates that are at risk.
Faculty, staff and students should be on the lookout for phishing emails about the Heartbleed Bug — particularly those that claim to be notifications from password-protected Web services. If a provider suspects their site may have been compromised, they may ask or require users to change passwords once patches have been applied. All links should be verified before the user follows them and enters usernames and passwords.
If there are any doubts that Heartbleed-related communications are legitimate, contact the ITS help center or the ITS security team.
If UNL information technology staff request password changes for a particular service, follow the advice immediately. Those requests will not include links to Web pages, will be signed by an ITS staff member, and can be verified with an email or phone call.
All campus information technology staff are asked to apply appropriate patches and restart services that rely on OpenSSL.
The ITS security team is offering ad-hoc Nessus scans, which can detect the Heartbleed Bug. Information technology staff can request a scan to verify problems have been resolved after patches are applied.
For more information, send email to security@unl.edu.
Information Technology Services will provide further updates and recommendations as the extent of possible Heartbleed Bug damage is revealed.
Websites outside of UNL servers have started installing Heartbleed patches. Users are cautioned to wait until websites fix the bug before changing any passwords.
For more information on Heartbleed, go to http://heartbleed.com or http://go.unl.edu/r3ed.