Heartbleed one month later, at least 300k servers are still vulnerable

Security researcher Robert Graham published the results of recent global scan searching for Heartbleed vulnerable systems. 300k systems are still vulnerable

Security researcher Robert Graham published the results of recent global scan searching for Heartbleed vulnerable systems. 300k systems are still vulnerable

After the disclosure of Heartbleed bug many administrators have adopted defensive measures (e.g. Firewall) to protect their systems from attacks exploiting the flaw, as a consequence the number of servers supporting SSL discovered by the scan is passed from 28 million to 22 million. 22 million is the number of systems responding to the SSL handshake, consider that there are many more systems that respond to the probe, but which do not talk SSL.

“The numbers are a little strange. Last month, I found 28-million systems supporting SSL, but this month I found only 22-million. I suspect the reason is that this time, people detected my Heartbleed “attacks” and automatically firewalled me before the scan completed. Or, another problem is that I may have more traffic congestion at my ISP, which would reduce numbers. (I really need to do a better job detecting that),” said Graham.

300,000 vulnerable systems are really a significant number, the risk related to the exposure of sensitive information is high.
Security experts fear that cyber criminals and state-sponsored hackers could be advanced by the presence of so large a number of vulnerable systems.
The results presented by Graham are part of the analysis conducted only on port 443, the researcher has already announced that he will try to scan for other well-known SSL ports, like SMTP.
Let’s see what happen!

Pierluigi Paganini

(Security Affairs –  Heartbleed, hacking)