Heartbleed bug shutters more Canadian gov't websites

Apr 11, 2014

Canada's government on Friday ordered all federal department websites vulnerable to the "Heartbleed" bug to be shut down.

"The for the government of Canada issued a directive to all federal government departments to immediately disable public websites that are running unpatched OpenSSL software," Treasury Board President Tony Clement said a statement.

"This action is being taken as a precautionary measure until the appropriate security patches are in place and tested."

It is unclear how many are affected, or how long they may be down.

The move comes two days after Canada's tax agency shuttered its website, ahead of an April 30 annual income tax filing deadline.

The recently-discovered flaw in online-data scrambling software OpenSSL allows hackers to eavesdrop on online communications, steal data, impersonate websites and unlock encrypted data.

OpenSSL is commonly used to protect passwords, and other data sent via the Internet.

More than half of websites use the software, but not all versions have the same vulnerability, according to heartbleed.com.

Cyber security firm Fox-It estimates that the vulnerability has existed for about two years, since the version of OpenSSL at issue was released.

Computer security specialists, website masters and others began fretting about the "Heartbleed" bug this week after several reports of hacking.

Explore further: Canada shutters tax filing website over 'Heartbleed' bug

add to favorites email to friend print save as pdf

Related Stories

'Heartbleed' bug a critical Internet illness

Apr 11, 2014

The "Heartbleed" flaw in Internet security is as critical as the name implies and wider spread than first believed. Warnings about the danger exposed early this week reached widening circles on Thursday, with everyone from website o ...

What you need to know about the Heartbleed bug

Apr 09, 2014

Millions of passwords, credit card numbers and other personal information may be at risk as a result of a major breakdown in Internet security revealed earlier this week.

Heartbleed bug find triggers OpenSSL security advisory

Apr 08, 2014

A flaw called Heartbleed in OpenSSL, which is a software library used for the protection and security of millions of websites, was uncovered by Neel Mehta of Google Security, who first reported it to the ...

Heartbleed bug causes major security headache (Update 3)

Apr 09, 2014

A confounding computer bug called "Heartbleed" is causing major security headaches across the Internet as websites scramble to fix the problem and Web surfers wonder whether they should change their passwords to prevent the ...

Recommended for you

Throwing money at data breach may make it worse

8 hours ago

Information systems researchers at the University of Arkansas, who studied the effect of two compensation strategies used by Target in reaction to a large-scale data breach that affected more than 70 million customers, have ...

China condemns 'cyber terrorism' in wake of Sony attack

12 hours ago

China's foreign minister condemned all forms of "cyber terrorism" in talks with his American counterpart, a statement said Monday, as the US accused Beijing's ally North Korea with being behind a cyber attack on Sony Pictures.

User comments : 0

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.