Video | Agriculture | Confidence | Economy | Energy | Employment | Finance | Media | Property | RBNZ | Science | SOEs | Tax | Technology | Telecoms | Tourism | Transport | Search


Heartbleed vulnerability major issue for website owners

Heartbleed vulnerability major issue for website owners

InternetNZ (Internet New Zealand Inc) and the New Zealand Internet Task Force (NZITF) are today warning website owners that their site’s security may have been breached and private information, including logons and passwords, may have been stolen after the HeartBleed vulnerability was identified in the last 24 hours.

InternetNZ CEO Jordan Carter said website owners are advised to check their sites and patch them where required. Individual users should change their passwords as a matter of course.

“Website owners shouldn’t panic, but quick action is required by those using vulnerable versions of OpenSSL,” said Mr Carter.

The vulnerability in OpenSSL software, commonly used to secure web sites, is easy to exploit and virtually impossible to detect when it has been exploited. Any web site using a vulnerable version of OpenSSL may have been attacked by criminals stealing data or eavesdropping on communications to and from the site. Now that this vulnerability is widely known the likelihood of criminals using this exploit are significantly higher.

To fix the vulnerability, website hosts are advised to follow the below list in the order provided:
1. Establish if your site’s servers are vulnerable. This can be done by visiting
2. Patch the vulnerable servers.
3. Revoke/reissue certificates. This is an extremely important step as the servers may have been compromised for some time, without detection.

Patching alone will reduce the risk of future data compromises, however it cannot protect data that has already been captured. As usual, individuals should have separate passwords for different log-ins, and InternetNZ and the NZITF recommend changing those passwords regularly.

InternetNZ is a charitable organisation that works for a better world through a better Internet. It strives to promote the benefits and uses of the Internet while protecting its potential. It does this by funding research and work to better the Internet, working with Government to ensure that legislation does not inhibit the Internet’s development and working with all stakeholders for an open and uncaptureable Internet.

The New Zealand Internet Task Force is a non-profit with the mission of improving the cyber security posture of New Zealand. It is a forum based on mutual trust for debate, networking, information sharing, and collaboration on matters relating to the cyber security of New Zealand.

For more information, visit InternetNZ or the NZITF’s website ( or


© Scoop Media

Business Headlines | Sci-Tech Headlines


Welcome Home: Record High Migration Stokes 41-Year High Population Growth

New Zealand annual net migration hit a new high in October as more people arrived from than departed for Australia for the first time in more than 20 years. More>>


Citizens' Advice Bureau: Report Shows Desperate Housing Situation Throughout NZ

CAB's in-depth analysis of over 2000 client enquiries about emergency accommodation shows vulnerable families, pregnant women and children living in cars and garages, even after seeking assistance from the Ministry of Social Development and Housing New Zealand. More>>


Speaking For The Bees: Greens Call For Neonicotinoid Pesticide Ban

The National Government should ban the use of controversial pesticides called neonicotinoids after evidence has revealed that even at low doses they cause harm to bee populations, the Green Party said today. More>>


Science Awards: NZAS Celebrate NZ Scientific Achievements

The Marsden Medal is awarded for a lifetime of outstanding service to the cause or profession of science, in recognition of service rendered to the cause or profession of science in the widest connotation of the phrase. This year’s medal is awarded to Dr Mike Andrews. More>>


Court Rules: Affco 'Unlawfully' Locked Out Meat Workers

The note says the full court found for the plaintiffs, "that is that the defendant locked out the second plaintiffs unlawfully and that it breached s 32 of the Act by acting otherwise than in good faith towards the plaintiffs while collective bargaining was still going on." More>>


Get More From Scoop

Search Scoop  
Powered by Vodafone
NZ independent news