NSA Knew About Heartbleed Computer Bug

II Timothy 3:13 But evil men and seducers shall wax worse and worse, deceiving, and being deceived.

Editor’s Note: In May 2011, the Wall Street Journal published an article titled “Pentagon: Cyber Attacks Can Count as Acts of War.” The article began, “The Pentagon has concluded that computer sabotage coming from another country can constitute an act of war, a finding that for the first time opens the door for the U.S. to respond using traditional military force.”

The announcement from security experts over the last week regarding the Heartbleed computer bug that allowed hackers to steal information of web users apparently has been a tool of the NSA for years.

The NSA reportedly knew of the bug for at least two years and exploited it to gather intelligence on web users knowing that it exposed millions of Americans to having their information stolen by hackers.

“It flies in the face of the agency’s comments that defense comes first,” Jason Healey, director of the cyber statecraft initiative at the Atlantic Council and a former Air Force cyber officer, told Bloomberg. “They are going to be completely shredded by the computer security community for this.”

The Heartbleed bug was introduced in early 2012 when a update to the OpenSSL security protocol was released to the public.  The code, which is free to use, was the basis for security on websites for many companies worldwide.

The NSA reportedly has over 1,000 experts dedicated to finding flaws in programs like OpenSSL.

“We’ve never seen any quite like this,” said Michael Sutton, vice president of security research at Zscaler, a San Jose, California-based security firm. “Not only is a huge portion of the Internet impacted, but the damage that can be done, and with relative ease, is immense.”

Leave a Reply