As many MSPs have already heard, the United States Computer Emergency Readiness Team (US-CERT) reported Wednesday that there is a new bug, termed "Shellshock" or "Bash" bug, that is affecting Unix-based operating systems such as Linux and Mac OSX.
The vulnerability affects the Unix command shell “Bash” (Bourne Again Shell), which is installed not only on computers, but also on other devices that use a subset of Linux, such as smart locks, cameras, and storage and multimedia devices.
The US-CERT announcement stated that, “Exploitation of this vulnerability may allow a remote attacker to execute arbitrary code on an affected system.”
According to CNet, the Shellshock bash bug involves the execution of malicious code within a Bash shell -- a command-line shell used in many Linux and Unix operating systems -- and by Apple's Mac OS X operating system.
The Shellshock bash bug is similar to the Heartbleed security flaw, notes the CNet article, in that it leaves information stored on data servers potentially vulnerable to hackers.
Your data is safe with Intronis
Rest assured that the data you have stored with Intronis will not be affected by Shellshock. “Intronis does not deploy any Linux or Unix platforms” stated VP of Product Management Chuck DeLouis, “so there is no risk to our agents. Since all of our partners’ data is encrypted at rest within the data center, the integrity of our customers’ data is also not at any risk.”
Protect your end users
As with any such threat, we recommend that the best way to protect your clients’ data is to maintain frequent revisions. The Intronis ECHOplatform makes this easy. Simply use our defaul revision rules and we will save the optimum frequency of revisions for you. It's economical to store revisions with our Intelliblox change block tracking technology, which backs up only the blocks of data that have been most recently updated. If you’re backing up with Intronis, in the instance of any vulnerability or malware attack, you have a better chance to retrieve an uncorrupted version of your client’s file, and you reduce the risk of losing crucial data.
If you have any additional questions about our security and the measures we take to keep your clients' data safe, we encourage you to reach out to our Partner Success team by calling 1-800-569-0155. You can also submit an email request or chat live using this links provided on our Partner Success page.