Incidents of private website data leaking into the public domain or into the hands of hackers seem to be an unfortunately regular occurrence these days, with the range of threats growing all the time.
Keeping up with the important facts about these incidents (what caused them, who was affected, and what you can do to protect yourself) is made more difficult by the sometimes highly technical nature of the information.
One such incident made the news last February, impacting the company Cloudflare and its customers. Here is what you need to know about the “Cloudbleed” incident and how it might affect you.
What is Cloudflare?
Cloudflare is a content delivery, web security, and domain hosting company. They specialize in helping websites manage their traffic, ensuring their site remains available and secure through a number of technologies including caching site contents, distributing DNS information, and load balancing traffic.
What this means in practice is that Cloudflare acts as a gatekeeper and a traffic cop for visitors to many millions of websites, ensuring that data is routed quickly and securely. It also means that when you interact with a website in any number of ways (including entering usernames and passwords into login fields), the data being sent back and forth may be cached, for a time, on Cloudflare’s own servers.
What was the Nature of the Data Leak?
The data leak resulted from a type of software bug known as a buffer overflow, in which data overruns the boundary of the area of memory intended to store it, and instead writes the data to an adjacent area. The bug was accidental in nature, the result of a few lines of incorrect code, but the results were massive. Because millions of website transactions flow across Cloudflare’s servers every moment of the day, small pieces of data from one user’s request (say, a portion of a private message sent on a dating website) could show up in a completely different place (such as a Google search or Twitter login attempt).
The chaotic nature of the bug comes with some good and bad news. The good news is that the leaked data was dripping out randomly, making it difficult if not impossible for a hacker with a specific malicious intent to exploit it. There was no predicting what personal data might be found, or where.
The bad news is that, because data was leaking out within live web traffic, much of it was being cached in real time by search engines like Google, potentially creating a treasure trove of data to be scooped up and exploited where possible long after the fact.
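To make the “few lines of incorrect code” described in this section concrete, here is an added C illustration (not Cloudflare’s code): a small parser whose end-of-buffer test uses equality, so a two-byte step can jump past the boundary and pull a neighbouring request’s bytes into the output, alongside the corrected range test. The function names, the `%` escape rule and the sample data are all assumptions constructed for this example.

```c
#include <stdio.h>
#include <string.h>

#define REQ_LEN 8            /* size of request A's buffer */
static char arena[32];       /* one block standing in for adjacent memory */

/* Constructed sample data: request A ends on a dangling '%' escape, and
   another user's data happens to sit directly after it. */
static void setup(void) {
    memset(arena, 0, sizeof arena);
    memcpy(arena, "name=al%", REQ_LEN);
    strcpy(arena + REQ_LEN, ";cookie=bob-secret");
}

/* Copy [p, end) to out, dropping '%' and the byte after it.
   strict = 0: buggy equality test; strict = 1: corrected range test. */
static size_t scan(const char *p, const char *end, char *out, size_t cap, int strict) {
    size_t n = 0;
    for (;;) {
        if (strict ? (p >= end) : (p == end)) break;   /* the boundary check */
        if (*p == '\0' || n + 1 >= cap) break;         /* stop inside the arena */
        if (*p == '%') { p += 2; continue; }           /* two-byte step */
        out[n++] = *p++;
    }
    out[n] = '\0';
    return n;
}

int main(void) {
    char out[64];
    setup();
    scan(arena, arena + REQ_LEN, out, sizeof out, 0);
    printf("equality check: %s\n", out);
    scan(arena, arena + REQ_LEN, out, sizeof out, 1);
    printf("range check:    %s\n", out);
    return 0;
}
```

With the equality test, the output for request A ends with the other user’s cookie; with the range test, it stops at the end of request A’s own data.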
How Might You Be Impacted?
The nature of the Cloudflare leak makes assessing an individual’s or organization’s risk profile difficult. The data that was leaked was random, scattered and not easy to collect. This sets it apart from other leaks in which malicious hackers targeted a single database to capture vast swaths of specific information, such as passwords and credit card information.
At the same time, the incident underscores the complex challenge of securing information passed on the web, even through seemingly secure web connections. Interconnections between service providers are myriad, and the points of failure are subtle and difficult to detect. In this case, a tiny error in a line of code caused totally unrelated data to spill together in a way no one had predicted.
Sean Kirby is a Client Support Specialist at Triella, a technology consulting company specializing in providing technology assessments, consulting, maintenance services and CIO-related services to small and medium-sized firms. Sean can be reached at 647.426.1004. For additional articles, please visit https://www.triella.com/publications. Triella is a Citrix Partner, VMware Partner, Microsoft Small Business Specialist, Microsoft Silver Partner, Dell Preferred Partner, BlackBerry Alliance Partner and Authorized Worldox Reseller.
© 2017 by Triella Corp. All rights reserved. Reproduction with credit is permitted.