OFEC blog

BASH Virus and whether we should be concerned or not.

BASH Virus and whether we should be concerned or not.

26 Sep '2014 by Edward Williams

BASH Virus

TDamaged Lotus involved in a car crashhere was an announcement on the Chris Evans breakfast show on 26/09/14 that people should not use their credit cards online for the next few days so we thought we’d give you our take on this.

 

Facts

The virus in question is called BASH or Shellshock. It has been around many years, it affects Linux and Unix machines which includes Apple devices, but not Windows. Our servers are Windows so are not affected, but users of your site may be affected.

Impact

The fact that it’s made national radio means you need to consider what action to take, especially if they are being told not to use credit cards online for the next few days, as repeated in the Independent http://www.independent.co.uk/life-style/gadgets-and-tech/shell-shock-bash-bug-bigger-than-heartbleed-could--undermine-security-of-millions-of-websites-9754720.html

Action

Our research indicates this is not likely to cause a significant issue, the publicity is therefore what needs to be managed. Our advice is therefore to read up and take your own view of what to do. If it were me, I would either do nothing, or make it clear on the home page and the order pages that you can call to place your order and make it easy to see the phone number. I would probably do the latter.

If you see a drop off in orders and are not sure what to do, call for a chat.

It would be useful to tell me what you’ve done and whether you’ve seen an impact so we can advise other clients what is really happening at the coal face…

Thanks and fingers crossed there’s little public reaction or risk.

tags: Security