Revenue Commissioners confirm its systems are safe from Heartbleed bug

11 Apr 20142 Shares

Share on FacebookTweet about this on TwitterShare on LinkedInShare on Google+Pin on PinterestShare on RedditEmail this to someone

Share on FacebookTweet about this on TwitterShare on LinkedInShare on Google+Pin on PinterestShare on RedditEmail this to someone

Ireland’s tax authority, the Revenue Commissioners, has confirmed its public-facing and internal systems have been checked and are safe from the Heartbleed bug vulnerability.

While it is unclear if other Irish Government departments and State bodies have checked their systems, in Canada, the country’s CIO ordered that federal departments using software vulnerable to the so-called Heartbleed bug to immediately disable public websites.

Earlier this week, a team of researchers found a massive flaw in OpenSSL, an online encryption program used by thousands of websites worldwide that can be manipulated to send the content of a computer’s random access memory (RAM).

OpenSSL is used on public-facing websites such as Gmail, Facebook and PayPal, and it is believed that up to 17pc of the internet could be vulnerable to the bug.

Apple has said its network services, such as iCloud and iTunes, are safe from attack, while Yahoo! has instructed all users to change their passwords to alleviate any chance of their systems being attacked or accessed by hackers.

Safe from Heartbleed Bug

“There has been increasing concern from security advisers and the public generally relating to the discovery of a significant flaw in a cryptographic library used globally to digitally scramble data as it passes to and from computer servers,” a spokesperson for the Revenue Commissioners told Siliconrepublic.com.

“The Revenue Commissioners would like to confirm that its public-facing and internal systems have been checked and are safe from this vulnerability, which has been termed the ‘Heartbleed bug’.

“Taxpayers can continue to use its online services without any security concerns.

“These services include ROS, LPT/Household Charge Arrears, PAYE Anytime and the just-launched Home Renovation Incentive product.

“In addition, Revenue is certified to the ISO27001 standard. This is a globally recognised Information Security Standard that has been awarded for Revenue’s internet facing sites. The standard is independently audited and sets requirements in areas such as information security organisation, data handling and networks; ensuring that taxpayers’ personal information is secure,” the spokesperson said.

Editor John Kennedy is an award-winning technology journalist.

editorial@siliconrepublic.com