NSA Has Been Exploiting Heartbleed Bug For Years in Hacking Operations: Report
According to a report by Bloomberg, USA's National Security Agency had been aware of the Heartbleed bug long before it was made public on Monday. It also went on to add that the agency exploited the bug on a regular basis so as to gather critical intelligence.
Bloomberg says that the agency declined to comment on the report, before going on to deny that it was aware of Heartbleed.
"Reports that NSA or any other part of the government were aware of the so-called Heartbleed vulnerability before 2014 are wrong," according to an e-mailed statement from the Office of the Director of National Intelligence.
It comes as no surprise that the NSA found the bug early, since it has many powerful resources at its disposal, including budgets that allow it to spend over a billion every year on data processing and exploitation, according to TheVerge.
Millions Were Left Vulnerable
By exploiting the Heartbleed bug, the NSA managed to obtain passwords and other data, which went on to serve as the foundation for complex hacking operations. However, this came at a terrible cost, with millions of ordinary users left vulnerable to attack from criminal hackers around the globe.
"It flies in the face of the agency's comments that defence comes first," said Jason Healey, director of the cyber statecraft initiative at the Atlantic Council, according to the report. "They are going to be completely shredded by the computer security community for this."
Yesterday, reports said that the bug had also affected routers and other networking equipment made by Cisco and Juniper Networks. These companies have in turn started working on providing their customers with fixes for certain products.
About Heartbleed
Heartbleed, a bug in the OpenSSL software library, hit the headlines this week for having reportedly left millions of websites vulnerable to cyber attacks by hackers in search of sensitive data like passwords and credit card numbers. Internet users have been prompted to change their passwords on popular services like Facebook and Gmail.
© Copyright IBTimes 2024. All rights reserved.