How to Tell If Hackers Are Attacking Your Utility System Through Heartbleed


DHS issues bulletin listing 14 hallmarks of a Heartbleed breach.

The branch of the Homeland Security Department defending critical private networks on Thursday issued a bulletin listing 14 hallmarks that indicate a hacker has tried to take advantage of the Heartbleed bug in company systems. 

The hope is that key U.S. sectors -- utilities, for instance -- will load the signatures into a popular intrusion detection system called "Snort" and be able to flag an attempted breach. This approach is different from the various software tests that merely check whether a system contains the Heartbleed hole. 

The DHS Industrial Control Systems Cyber Emergency Response Team industry notification, which was compiled by the FBI, states that the indicators "have been developed and tested to detect attempted exploitation of the vulnerability by known open source exploitation techniques."

The bureau recommends that "these signatures be immediately implemented" throughout a network. 

Some tests for the presence of the defect -- created by botched code in OpenSSL, a common encryption tool -- reportedly  falsely declare a system safe, when users are actually in danger.

(Image via SoulCurry/