September bug Shellshock more harmful than Heartbleed

  • Team Omega
  • November 19, 2014

This news might be forgotten or considered old given that there is a barrage of breach stories constantly hitting us.  What exactly did Shellshock do?  It took over a machine via remote code executions. Further research into this said it was just a line of compromised code in the Bash Unix shell, a free piece of software that is written over 70% of devices that connect to the Internet: servers, routers, computers, mobile phones, cameras and refrigerators.

The National Institute of Standards and Technology gave it a vulnerability rating of a full 10.  An interesting piece of news on this is that while Heartbleed went undetected for 2 years, Shellshock went undetected for 22 years.  Patches were applied within hours and a few days of discovering Shellshock to remediate the vulnerability.

What is the lesson here? Network Security is a must and it should go beyond just the basics.

  • Monitoring
  • Continuous updating of anti-virus, anti-spyware, anti-malware, and anti-spam
  • Firewall to prevent unauthorized network access
  • Secure remote access
  • Intrusion prevention systems
  • Scanning – both internal and external

Omega ATC is in the business of providing retailers with all of the above.  One solution OmegaSecure, centralized and automated; without a need for several other solo solutions.  The return on investment (ROI) in our Omega solution is a no-brainer.  By automating hundreds of routine IT tasks, OmegaSecure eliminates many of the headaches and costs of data security and systems management.  So there’s no need to bring on additional personnel or equipment. And your IT staff is free to focus on improving service and driving growth and profitability.

Call Omega ATC at 636-557-7777 or email pci@omegasecure if you would like to learn more.