Hackers around the world are exploiting the newly-identified “Shellshock,” also called “Bash” computer bug,” using worm viruses to look for vulnerable systems. They could affect home and industrial victims and others.
This latest bug is considered to be worse than the last major bug called “Heartbleed” because it enables hackers to gain complete control of an infected machine. “Heartbleed” only enabled the theft of data.
Listen‘Bash’ bug called ‘scary’
The vulnerable program, “Bash,” is in many important systems. “It’s in web servers,” says Tom Keenan, professor of environmental design and author of Technocreep: The Surrender of Privacy and the Capitalization of Intimacy. “It’s in process control computers that run industrial things. And that’s scary because those are important systems…
“It affects Unix and Linux systems and those are the backbone of what we call the internet of things. So these are the smart cars, smart thermostats, smart light switches. Almost all of those are based on a variant of Unix and they may well be vulnerable,” says Keenan.
Terrorist and spy concerns
Bad actors could get into car area networks, he says, and for example, get cars to accelerate or brake. The bug could be used to defrost smart fridges. But there are worse scenarios, says Keenan. “People are worried about the terrorism implications. If you’re running an oil refinery or an industrial process and someone can hijack it remotely that could be very scary.” Spies could use the bug as well.
‘Everybody needs to worry’
“There are a lot of technical people struggling to decide if they’re vulnerable and what they need to do. The companies that make these systems are putting out patches, but we’re already hearing the patches are not 100 per cent effective, that they’re incomplete,” says Keenan.
“Everybody needs to worry about it because we all use web servers. We all go out to systems and trust them with our data. And if even one of those is vulnerable it’s possible that our data will be compromised.”
For reasons beyond our control, and for an undetermined period of time, our comment section is now closed. However, our social networks remain open to your contributions.