Why hackers’ old habits die hard

Remember HeartBleed – a security bug in the OpenSSL cryptography library that affected half a million sites in 2014? Six years on, and it’s still being exploited. In fact, according to NTT Ltd’s 2020 Global Threat Intelligence Report (GTIR), continued attacks against a vulnerability leveraging HeartBleed have helped make OpenSSL the world’s second most-targeted software technology, with 19 percent of hostile activity.

While adversaries are increasingly innovating in the areas of AI, machine learning and automation, many vulnerabilities that are several years old – and which have patches available – are still being actively targeted on a large scale.