
Shell Shock Virus Explained



What is the Shell Shock Virus?

It is important to know that Shellshock is not so much a virus as a vulnerability. Shellshock, also dubbed the "Bash Bug", allows Unix-based operating systems, including Linux and Mac OS X, to be compromised.

The vulnerability occurs in Bash, which is a component used since 1989. Bash is a command shell – like a screen – which enables users to issue commands to a computer, so a hacker who exploits the bug would be able to tell an affected device what to do, remotely. 

The vulnerability will primarily be found on web servers. However, CentOS versions 5-7, Ubuntu 10.04, 12.04, and 14.04 (all LTS versions), Debian, Mac OS X, and Red Hat Enterprise Linux 4-7 are all vulnerable.

Additional devices and systems that use Unix in some form include web servers, routers, Android phones, Mac computers, and connected devices. Systems running power plants and municipal water networks could also be affected by the bug, though security experts already recommend that these remain disconnected from the internet so they are not open to such risks.

Once into a device or system, a hacker could also access other devices on the same network. From here, in theory, they can do just about anything – including installing malicious software, stealing sensitive data, or turning your smart fridge off and spoiling your dinner.

How serious is Shell Shock?

Shellshock or Bash Bug is rated 10 on a 10-point scale for its impact and ease of exploitability by the Common Vulnerability Scoring System, an industry standard for assessing how bad security flaws are. Heartbleed, the bug found earlier this year that also affected almost every device, is rated 5. Experts estimate around half a billion web servers and devices could potentially be affected. About 51 percent of all web servers in the world are Unix-based and because Bash is used so widely, analysts are saying it is the biggest internet security threat to date in terms of the number of devices and systems that are at risk.

On the other hand, a perfect set of conditions needs to be present for the bug to be open to exploitation, which could limit its effect.

Heartbleed affected any system running OpenSSL, a common web encryption technology. With the Bash Bug, your system actually has to be using Bash. There are multiple types of command shells, so even if Bash is installed, the system could actually be using a different one.
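
To see whether a system is actually using Bash rather than just having it installed, an administrator can check three places: the login shells of its accounts, what /bin/sh resolves to, and the scripts that name Bash in their first line. The script below is an added example, not part of the original article; its function names are hypothetical and it runs on constructed sample data.

```shell
#!/bin/sh
# Added example: find where Bash is actually in use, not merely installed.
# Function names are hypothetical; the sample data is constructed.

# Accounts in a passwd-format file whose login shell is bash.
bash_login_accounts() {
    awk -F: '$NF ~ /(^|\/)bash$/ { print $1 }' "$1"
}

# "bash" if the given path (e.g. /bin/sh) resolves to bash, else "other".
sh_flavor() {
    target=$(readlink -f "$1" 2>/dev/null || echo "$1")
    case "$(basename "$target")" in
        bash) echo bash ;;
        *)    echo other ;;
    esac
}

# Scripts under a directory whose shebang line invokes bash.
bash_scripts() {
    find "$1" -type f 2>/dev/null | sort | while IFS= read -r f; do
        if head -n 1 "$f" 2>/dev/null | grep -q '^#!.*[/ ]bash'; then
            echo "$f"
        fi
    done
}

# Demo on constructed data; on a real host pass /etc/passwd, /bin/sh
# and the directories that hold your web or cron scripts.
demo=$(mktemp -d)
printf '%s\n' 'root:x:0:0:root:/root:/bin/bash' \
    'www-data:x:33:33::/var/www:/usr/sbin/nologin' \
    'deploy:x:1001:1001::/home/deploy:/bin/bash' > "$demo/passwd"
mkdir "$demo/scripts"
printf '#!/bin/bash\necho ok\n' > "$demo/scripts/status.cgi"
printf '#!/bin/sh\necho ok\n' > "$demo/scripts/ping.cgi"
: > "$demo/bash"; ln -s bash "$demo/sh"

echo "bash login accounts: $(bash_login_accounts "$demo/passwd" | tr '\n' ' ')"
echo "sh resolves to:      $(sh_flavor "$demo/sh")"
echo "bash scripts:        $(bash_scripts "$demo/scripts")"
rm -rf "$demo"
```

Anything these checks list is a place where Bash really runs, so those systems are the ones to patch first.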

Why are we hearing about this now?

The vulnerability is thought to have been around for 21 years. However, it has only just been discovered by Stephane Chazelas, a security researcher at Akamai Technologies, in his spare time.

Am I vulnerable?

MacBook users are vulnerable because Apple's desktop and laptop operating systems are Unix-based. Unix-based operating systems are also present in some routers and are also common in connected home devices, such as digital video recorders, smart fridges, or webcams.

Devices running Windows, such as some PCs as well as smartphones using the Windows Phone operating system, are not directly affected by the bug.

However, hackers could seek to profit from mass data theft from businesses and web administrators that provide things like email services, forums, or enterprise IT systems. These hold a large amount of sensitive data, including personal login credentials, so any individual is potentially or indirectly vulnerable.

What can I do to protect myself?

Major operating software vendors that use Unix are working around the clock on patches for the bug. These should appear in the coming days, so check software vendors such as Apple to see if a patch has been issued and install it on your devices as soon as you can. Anti-virus and security companies are also issuing patches as of Friday, so let your automatic updates run as soon as available.

Unfortunately, not all device manufacturers may issue patches – particularly if a consumer device is outdated.

Because of the potential for data theft, consumers should also ensure they use best practices for passwords and logins.

That means not using the same passwords for multiple accounts, as well as using strong passwords that are long and contain a combination of numbers, characters, and upper and lower case. 

How do I ensure proper business security? - RELAX - DCS can help.

The absolute best way a business can ensure that their systems and networks are secure is to work with an IT partner like us. Our managed services can help ensure that you have proper security measures in place and the systems are set up and managed properly. Tech peace of mind means the focus can be on creating a successful company instead. Contact us today to learn more.