Posted By: ITWiser Webmaster - Yorkshire's IT Specialists
Posted By: IT Wiser
New ‘Bash’ Software Could Be Worse Than Heartbleed
Remember Heartbleed, the OpenSSL vulnerability that threatened to bring the internet to its knees earlier in the year? Well, something much bigger and much scarier has emerged, with the potential to compromise everything from servers to webcams. And if experts are warning that something is worse than Heartbleed, you had better make sure you have Cloud Online Backup installed.
The ‘Bash’ bug is a newly discovered security vulnerability in the Linux software of the same name that is used to control the command prompt on UNIX computers. Experts warn that the hackers could exploit the bug to take full control of a targeted system.
An alert issued by US-CERT, the United States’ Computer Emergency Readiness Team, said that the vulnerability affects Linux and Mac OS X operating systems – both of which usually remained unaffected by mass exploits.
What makes the exploit potentially worse than April’s Heartbleed exploit is the fact that hackers can effectively take over a system. Heartbleed would ‘only’ allow cybercriminals to spy on computer activity.
Speaking to CNET, Tod Beardsley, an engineering manager at cybersecurity firm Rapid7, warned of the dangers the Bash bug poses.
“This vulnerability is potentially a very big deal,” he said. “It's rated a 10 for severity, meaning it has maximum impact, and 'low' for complexity of exploitation – meaning it's pretty easy for attackers to use it.
“The affected software, Bash, is widely used so attackers can use this vulnerability to remotely execute a huge variety of devices and web servers. Using this vulnerability, attackers can potentially take over the operating system, access confidential information, make changes, etc. Anybody with systems using Bash needs to deploy the patch immediately.”
Backing Up Your Data
Six months after the Heartbleed was discovered, thousands of systems remain vulnerable. Because the Bash bug is able to interact with software in many different ways, it will be impossible for experts to catalogue all of the software that is open to exploit. Therefore, you should take no chances.
It is essential that you check with software developers immediately for patches and make arrangements to back up all critical data. The bug’s ability to take over a system means that connected hardware could be affected, so Cloud Online Backup should always be favoured over external flash and hard drive backup.
Cloud Online Backup uploads data using military-grade encryption and stores up-to-date copies of files in global datacentres so that they can be accessed from any web-enabled device, ensuring your files are safe and secure in the event your system is compromised.
Contact ITWiser today to find out more about how this service can help protect your business.