Why Shellshock is Worse Than Heartbleed

By   ISBuzz Team
Writer , Information Security Buzz | Oct 20, 2014 05:05 pm PST

Back in April, the digital world was in a panic over the security threat of a bug codenamed Heartbleed. The bug exposed a weakness in the popular OpenSSL cryptographic software library. Essentially, the flaw allowed anyone on the Internet to access vulnerable OpenSSL systems.

It was hyped up to be a digital pandemic and left professionals scrambling for a solution. Everyone was put on high alert, and it reminded us of the importance of proper network security initiatives to protect valuable data. But, as the saying goes, there are always bigger fish in the sea, or in this case, bigger bugs in the cybersphere.

Free Download: Is An Outright Ban On Workplace Social Networking A Good Idea?

The most recent digital threat we are facing is called Shellshock, which is a vulnerability in software many computer systems use every day. Shellshock affects a shell called Bash, which is a command-line interface that allows users to communicate with Unix based systems, like OS X and Linux. While you may not be consciously opening Bash everyday along with your browser and email, it’s running in the background of your operating system. So what does this all mean? Basically, the exposed threat leaves your system vulnerable to remote attacks, which could result in stolen personal information or executing unwanted commands.

Also, because many web servers use Bash, it’s possible that entire websites could be taken over. Estimates state that more than 80 percent of the Internet serves websites running software affected by this bug. While large sites, like Google and Amazon, have already begun to roll out patches, it’s unclear if smaller websites are making the necessary updates.

While Bash isn’t connected directly to the internet, the Shellshock bug can potentially affect anyone visiting a website hosted on a vulnerable server. Compromised servers can even deliver other malware, further damaging systems and compromising network security.

One of the reasons Shellshock is considered a higher risk than Heartbleed is because there is no easy solution to date. While Heartbleed required users to change passwords on many sites in order to protect their information, Shellshock will require software patches. Although some administrators have already started to make the necessary changes, they are still largely incomplete.

While Heartbleed was a concern, it required considerable skill in order to exploit weaknesses in computer security. However, Shellshock exploitation is relatively simple and doesn’t require advanced skills. Almost anyone with malicious intent and basic computer skills can learn to exploit the bug and use it to take complete control of a system.

Attackers can also use the bug to create worms, or self-replicating attacks. That means once a system is compromised, it can be used to attack others over and over again. When you consider that more than a million systems (and likely many, many more) are vulnerable to Shellshock, it begins to paint a picture of the level of severity.

While there are no guaranteed solutions for the moment, there are a number of steps you can take to increase your network security.

1. The Basics

Always make sure you have proper anti-virus software and firewalls in place. This is often your first line of defence and can protect you from many unwanted intrusions.

2. Stay updated

While updates can sometimes be annoying, they’re necessary for incorporating the latest fixes to keep your system safe. Administrators are aware of these issues and are looking for solutions. By keeping your OS up to date, you’ll acquire the necessary patches as they continue to roll out.

3. Diversify Passwords

Another effective way to limit exposure is to have different passwords for different services. This limits the likelihood that once one service is compromised, it’ll affect another. Also, if you can, look into the web services you use and find out who is making their software. See if the manufacturer has said something about the bug and if they are making the appropriate adjustments.

4. Vigilance

Emails are still the most common door for an attack, so this final point should be a no-brainer: don’t open suspicious links from untrusted users. Even if you know the sender, be carefulm because your contacts could be compromised. Just make sure to read over everything before opening a link. Anything that looks out of place or suspicious should be avoided.

By Rick Delgado | @ricknotdelgado

rick_delgadoBio: Rick is blessed to have a successful career and has recently taken a step back to pursue his passion for writing. He loves to write about new technologies and how they can help us and our planet in particular. Rick occasionally writes for several tech companies, including Dell. His articles are always industry-neutral.