BlackBerry Ltd (NASDAQ:BBRY) (TSE:BB) will offer security updates on messaging software for Android and iOS devices to fix the issues related to the “Heartbleed” security threat. Last week “heartbleed” named bug was found by the researchers that target OpenSSL software, and allows the hackers to breach the security system and steal massive information.
BlackBerry devices safe to use
Security experts said that companies should protect their defenseless websites, and cautioned that the technology used in centres and on Android, and iOS running devices should, also, be protected from the threat.
BlackBerry’s senior Vice president Scott Totzke told Reuters that almost all BlackBerry Ltd (NASDAQ:BBRY) (TSE:BB) products use secure software, which is why the company could afford not to update the two popular products: Secure Work Space corporate email and BBM messaging program for Android and iOS.
However, Totzke mentioned that the apps can be hacked if breached through WiFi connections or carrier network. Totzke, however, believes that the risk is minimal because it is difficult for a hacker to breach BlackBerry’s security technology.
“It’s a very complex attack that has to be timed in a very small window,” he said, adding that it was safe to continue using those apps before an update is issued.
Other companies also cautioned the users
Bulk of mobile apps is susceptible to the threat, according to the security experts, as they use OpenSSL code.
Chief executive of Lacoon Mobile, Michael Shaulov said that those apps similar to BlackBerry Ltd (NASDAQ:BBRY) (TSE:BB) in mobile device management may also be targeted by the hackers because they, also, use OpenSSL code. He added that a mobile app developer can find out the ways to solve the issues. Shaulov said that it will take the hackers few weeks or maybe a month to move from ‘proof of concept’ to take advantage of the device.
There is still no news about the attacks done by Heartbleed, but according to the researchers it has been a potential threat for many years. This can, also, imply that hackers might be using a bug to attack without anyone getting to know.
Those companies, who have presaged its customers about the risk, are Cisco Systems Inc (CSCO), Hewlett-Packard Co (HPQ), International Business Machines Corp (IBM), Intel Corporation (NASDAQ:INTC), Juniper Networks Inc (JNPR), Oracle Corp (ORCL) and Red Hat Inc (RHT).