Story image

First we had heartbleed, now we're shellshocked

01 Oct 14

Security companies are continuing to warn businesses to ensure they have patches in place across all vulnerable systems, following the discovery of yet another security bug, this time dubbed Shellshocked.

The vulnerability was discovered last week and affects systems running several versions of Linux and Unix operating systems, including Mac OS X, and some routers and internet of things devices.

As Shellshock is related to Linux it can affect both PC and Apple platform.

Trend Micro says the vulnerability – also known as the Bash Bug because it is a bug in the Unix Bash shell – is a ‘potentially plague-like’ vulnerability that can exploit command access to Linux-based systems constituting around 51% of web servers worldwide.

“Because of the pervasiveness, attacks against it could grow at a very fast pace.

“The recent Heartbleed vulnerability is similar in nature to Shellshock, but Heartbleed is dwarfed by the extent and reach of this new vulnerability.”

Reports quickly emerged of Shellshock related attacks internationally, with attacks leveraging the Bash bug vulnerability ranging from botnet attacks to IRC bots.

Trend Micro’s Geoff Prentis says there hasn't been much nefarious scanning for vulnerable systems across Australia and New Zealand, and little disclosure as yet of any malicious attacks.

However, he warns companies still need to be wary and ensure patching across all Internet facing servers.

Website operators are also warned to patch asap if Bash is in the script, or rescript away from Bash.

Prentis says there is ‘huge exposure’ for cloud, however he says ‘a lot’ of cloud providers moved ‘extremely quickly’ to protect themselves from the exploit.

He says it is key for any systems in the cloud to make sure they have protection such as an Intrusion Prevention System running inside their cloud environment, and that patches are quickly updated.

Because patching takes time, he suggest network forensics also be put to use.

Symantec said last week that the vulnerability could allow attackers to not only gain control over a targeted computer if exploited successfully, but could also provide them with access to other computers on the affected network.

Patches have been steadily released since the discover of the vulnerability, with Apple today releasing a patch for OS X 10.9 Mavericks, OS X 10.8 Mountain Lion and OS X 10.9 Lion.

While other organisations such as Google and Amazon were quick to issue statements about steps they had taken to address the vulnerability, Apple initially downplayed the risk to consumers, saying with OS X systems ‘are safe by default’ and not exposed to remote exploits of bash unless users configure advanced Unix services.

Prentis says the threat is a ‘mixed bag’.

“In the consumer space, exposure is not so large because consumers are less likely to be running web servers or the Linux platform.

“However, in the enterprise space, organisations need to go through a process of incident response.”

Disruption in the supply chain: Why IT resilience is a collective responsibility
"A truly resilient organisation will invest in building strong relationships while the sun shines so they can draw on goodwill when it rains."
The disaster recovery-as-a-service market is on the rise
As time progresses and advanced technologies are implemented, the demand for disaster recovery-as-a-service is also expected to increase.
Apax Partners wins bidding war for Trade Me buyout
“We’re confident Trade Me would have a successful standalone future," says Trade Me chairman David Kirk
The key to financial institutions’ path to digital dominance
By 2020, about 1.7 megabytes a second of new information will be created for every human being on the planet.
Proofpoint launches feature to identify most targeted users
“One of the largest security industry misconceptions is that most cyberattacks target top executives and management.”
What disaster recovery will look like in 2019
“With nearly half of all businesses experiencing an unrecoverable data event in the last three years, current backup solutions are no longer fit for purpose."
NVIDIA sets records with their enterprise AI
The new MLPerf benchmark suite measures a wide range of deep learning workloads, aiming to serve as the industry’s first objective AI benchmark suite.
McAfee named Leader in Magic Quadrant an eighth time
The company has been once again named as a Leader in the Gartner Magic Quadrant for Security Information and Event Management.