Remember Heartbleed? Of course you do.
After all, it was the first serious security vulnerability to have a really cool logo.
The Heartbleed vulnerability was uncovered in April 2014, revealing a serious vulnerability in OpenSSL – the cryptographic software library which was supposed to keep information safe and secure, but instead could have helped hackers steal information such as passwords.
After all the hullabaloo about Heartbleed, and the action taken by many IT professionals in the wake of the Heartbleed announcement, you would like to think that almost 18 months later the problem has gone away.
But take a look at this map of Heartbleed-vulnerable devices around the world.
Unlike a regular search engine like Google or Yahoo, Shodan doesn’t search for words. Instead, it searches for the technical characteristics of devices attached to the net – including devices that traditional search engines are likely to ignore.
The Shodan search engine makes it simple for anyone to search the internet for anything which might be connected – whether it be a web server, a webcam, baby monitors, routers, a traffic lights, home heating systems or a SCADA industrial control system.
And the use of filters can even allow you to hone down your search to specific parts of the world.
Of course, if these internet-connected devices haven’t been properly secured (perhaps they have weak default passwords, or contain security holes that can be exploited) then Shodan may have just helped a malicious attacker identify a potential target.
However, as with many things in the world of computer security, there’s another side of the coin. IT teams can use tools like Shodan to help them check their company’s security, testing with various filters to determine if web servers – for instance – are running a particular version of Apache, or if devices which shouldn’t be visible to the outside world are revealing their existence online.
Clearly, some manufacturers and IT teams have dropped the ball, and failed to update vulnerable systems
My bet is that there will always be devices attached to the internet which are vulnerable to Heartbleed.