Learning from ShellShock
Research and Intelligence Report- IBM MSS Threat Research Group
IBM has published an intelligence report detailing their experience and insight following the reporting of a long standing vulnerability in the GNU Bash shell (widely used on Linux, Solaris and Mac OS systems).
This sparked the mobilization of attacks known as “shellshock” beginning in late September 2014. This is the IBM Analysis of the Shellshock Bug and how it was used.
This first vulnerability soon gave way to the disclosure of several additional vulnerabilities affecting the UNIX Shell within a short period of time. A break-down of these vulnerabilities is provided in the “Situation/What Happened” section below.
Now, a few weeks removed from the initial developments, IBM take a deeper look at the shellshock data gleaned from our worldwide network of sensors to identify vectors and origins of attack, targeted industries, and any other significant findings.
Noteworthy observations include: the speed at which the vulnerability was exploited following disclosure, the number of vectors used to carry out the attacks (with a focus on the top five), and the similarities between this threat and the Heartbleed attacks.
Additionally, IBM found surprises in the top ten attacking and attacked countries lists including Iceland making the top ten attacking countries list for the first time and Japan sustaining the highest number of attacks from the most number of countries.
The speed and frequency of shellshock attacks signals a clear warning to IS teams and business more generally that not only must we all be much more aware of the risks and vulnerabilities, but there has to be capability to react and mitigate them extremely quickly.
You can download this revealing report by clicking on the image below.
You might also like ...
Reports are emerging of another credit card security breach this time concerning the Office supplies firm Staples.
They are the latest in a growing list of familiar retail names to have had their security breached. The breach came to light following the detection of fraud patterns across the North Eastern United States.
A statement issued by the company has confirmed reports in a statement saying “Staples is in the process of investigating a potential issue involving credit card data and has contacted law enforcement.”