The following information was obtained from the different cyber security sources for notification to all parties concerned pursuant to the mandate of the Philippine National Police Anti-Cybercrime Group (PNP ACG).
The information provided was classified as Restricted pursuant to the PNP Regulation 200-012 on Document Security and Impact Rating as high based on PNP Information Communication Technology (ICT) Security Manual s.2010-01 p. 22 and p.129.
“Cloudbleed is a security bug discovered on February 17, 2017 affecting cloudflare’s reverse proxies which caused their edge servers to run past the end of a buffer and return memory that contained private information such as HTTP cookies, authentication tokens, HTTP POST bodies and other sensitive data”1
A cloudflare provides essential internet infrastructure and security to millions of websites. Eventhough the term might not be familiar, there is a big chance that a website you have visited uses the company for security or information delivery.
Oftentimes when users visit a website, the user often see “http” at the beginning. But on secured website, such as bank or a password login screen, the user will see “https” at the beginning indicating that the page is a secured one. Services like Cloudflare help move information entered on those “https” websites between users and servers securely. With cloudbleed, some information is saved unexpectedly when it should not have been. Moreover, some of the saved secure information was cached by search engines like Google, Bing and Yahoo. This information could have been a username or a password, a photo or frame of video or behind-the-scene things like server information and security protocols.
PNP personnel and the public are advised to follow the tips to avoid being affected by Cloudbleed:
- Change the passwords for all online accounts
- Use a long random string for each password, unique for each site.
- Enable two-factor authentication on every account that has it available as an option.
For additional information, please refer to the following websites:
POINT OF CONTACT