Just when it felt like we were finally getting over the recent Heartbleed bug, along comes another security risk. It’s called Shellshock; it threatens millions of computers and other hardware, and potentially even more people. Many security experts consider Shellshock to be possibly more serious than Heartbleed; it has been given a 10 out of 10 rating in severity by the Common Vulnerability Scoring System (in comparison, Heartbleed received a 5). The U.S. Department of Homeland Security has even sent out a warning to businesses and organizations explaining the threat and what can be done about it. So is it time to panic? What do we have to worry about? The answers to some of the most common Shellshock questions can be found below.
What is Shellshock?
Some refer to Shellshock as the Shellshock Virus, but that is a misnomer. Shellshock is actually a bug (a programming security flaw) in Bash, the command-line shell used in many operating systems based on Linux or Unix. Also known as the “Bash bug”, the flaw has been around for more than two decades but was discovered only recently. One of the biggest risks involving Shellshock is how easy it is for hackers to exploit. Using only a few lines of code, hackers can potentially give commands to the hardware they’ve targeted without having any authorization or administrative access. In addition to sending commands to their targets, hackers may also plant malware within systems. Most at risk are servers and devices that use Linux or Unix, which account for more than half of all internet servers. Estimates put the total number affected at around 500 million servers.
How May Shellshock Affect Me?
While we’re still in the early stages of dealing with this problem, the overall effect it can have on the average user is minimal so far. Those who should be the most concerned about Shellshock are those who use Apple MacBooks, since their operating system is based on a Unix platform and makes use of the Bash software that contains the bug. Most of the concern should be reserved for websites and businesses that have servers which may be affected. If you frequent websites that have affected servers or use older computing systems, your information may be at risk. Routers and local modems may also become a target for hackers.
What’s Being Done About Shellshock?
The race is on to find the correct solution for the bug. Part of the problem is how prevalent it is, which will in turn require effort on the part of multiple parties, organizations, and security experts. It is likely that the businesses and groups that are most affected by it will release patches to protect themselves and their users from any adverse effects. Webmasters and systems administrators are also working to protect their sites from further action from hackers. The biggest worry is the widespread nature of the flaw. At the moment, most experts believe it will take several years before most of the affected servers and devices have been fixed. Even then, older machines will likely still contain the bug until a proper patch is made or the machine is simply disposed of.
What Can I Do To Protect Myself From Shellshock?
Most of the protective steps at the moment need to be taken by qualified organizations and businesses, leaving very little for the average user to do. If you’d still like to take extra precautions, taking traditional security measures would be a wise move. That includes changing your passwords for each of your online accounts and updating the antivirus software on your computer. You should also make sure to run any software updates for your computer and mobile devices since those updates will probably have the needed patch. It’s also recommended that you don’t go to any suspicious websites since they will likely be the last to patch their servers. For companies that are worried about the Shellshock bug and its effect on network security, experts say you should take some servers offline for a few days if your business can handle it. Companies should also closely monitor their servers and systems for any suspicious commands.
By Rick Delgado | @ricknotdelgado
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.