Has Shellshock made the Internet unsafe?
There is a new security vulnerability that has affected more computers than the Heatbleed bug and it allows hackers to steel your information from banks, routers and security cameras.
Security experts have for the second time this year discovered a flaw that can place your online safety and personal information at risk.
This new vulnerability is called Shellshock, and it has affected more devices than the Heartbleed virus, the Shellshock virus is so serious the US National Cyber Security Division has rated it 10 out of 10 for “exploitability” and “potential impact”. It is such a big threat because it takes advantage of a flaw that lets hackers take control of software we all use.
The threat goes beyond websites and homes. The UK government have said that Shellshock could affect “critical national infrastructure” like Power and hospitals if companies don’t respond quickly.
The software to blame for this flaw is called Bash, which is a Unix Shell, used by Linux, Apples OS X and less popular operating systems. Like the Command Prompt windows use, Bash will let hackers take control of your PC using nothing more then text commands. The Windows OS does not use Bash, so hackers are not able to exploit this flaw, but that still does not mean Window users are safe. If the hacker exploits the Bash flaw on a web server they can still steal your personal information that is stored on it, if this were to happen to a bank, the hackers could do serious damage if they wanted to. The rewards for the hackers can be huge, and until companies fix this flaw we are all at risk from this.
Many companies, including Apple, have now patched the flaw in their software, but there are still millions of routers and security cameras and other devices that still use the Bash code.
Virgin, TalkTalk, BT and Sky routers were unaffected by this flaw as their firmware uses BusyBox which is an alternative to Bash. You can always contact your routers manufacture to see if the Shellshock bug affects it.
So are you still at risk everytime you go on line? Yes if you are still using a router that not been patched to secure it from the Bash bug. If you are using a patched router then your safety will depend on the security of the web server you are accessing, but that is something you really should not have to worry about. Like so many security threats this is unnerving because it makes you feel powerless. It’s a stark reminder you will always be in the hands of security and tech companies.
If things are going to improve things need to be updated faster, to stop the flaws and the government and security company’s need to show more support for these internet functions if we are to try and stop further flaws that could jeopardise out online security.