6 security threats more deadly than Heartbleed or Shellshock

Experts are concerned about other potential vulnerabilities


Heartbleed and Shellshock are proving to be particularly heinous security threats. Heartbleed is an attack on the OpenSSL cryptography library on websites around the world, which exposes a vulnerability that's difficult to find and difficult to patch. According to AVG in a report last month, there are at least 12,000 sites in a list of the top 800,000 in the world that are still open to attack.

Shellshock is a more recent attack that uses a vulnerability in the UNIX Bash shell that has been exposed since the early 90s. It's part of the Linux operating system and has IT security experts worried because of how widely it's used on devices other than computers, which are regularly patched.

Worse to come?

But what if Heartbleed and Shellshock are just the start? Security experts have started pondering what similar vulnerabilities could be open to attack, perhaps one that is even more widespread, just as difficult to patch, and just as costly for the IT industry to eradicate.

What might seem like a tiny window in a security infrastructure – a simple protocol used for e-commerce, or the smartphone business users carry around all day – could actually be the next gaping hole that leads to a formal investigation, criminal charges, headlines on the BBC, and a major embarrassment when an attack is successful.

TechRadar Pro talked to well-known security experts to find out what they would pick as the most likely attack vector to occur.

1. In-Transit Encryption

The main issue with this attack vector is that it takes advantage of incredibly popular services like Dropbox and Google Drive, which are often used for business purposes.

According to Istvan Lam, the CEO and Founder of Tresorit, data sent to these services is only encrypted once it is stored on the service, not before it leaves the device, keeping encryption keys firmly in their hands.

"Data is not encrypted and ultimately not protected before it reaches the cloud, leaving it extremely vulnerable to attacks," says Lam. "If the provider itself is ever compromised, so is all data stored." The only security approach that will help enterprises in the short term, at least until they become more protected, is to create policies for using these cloud services and make sure employees avoid them.

2. ICMP protocol

Heartbleed attacks a vulnerability in the OpenSSL library used by many websites. But according to Mark Gazit, the CEO of ThetaRay, there's an even more common protocol that could be vulnerable, known as the Internet Control Message Protocol (or ICMP).

"The ICMP is used by network devices like routers to send error messages indicating, for instance, that a requested service is not available or that a host or router could not be reached," says Gazit. "Since ICMP is an internal part of IP, and must be implemented in every IP module, flaws in this protocol would enable attackers to easily infiltrate organisations, fly under the radar and exploit the protocol for their own communications (especially to exfiltrate data)."

3. Open source application server

Another ripe area for exploitation: an open source application server. According to Bryan Alexander, a senior security consultant for Coalfire Labs, the apps servers used for enterprise tools like SugarCRM could be mismanaged and leave gaping attack vectors wide open.

According to his research using a penetration testing toolkit, in about 60% of the testing scenarios where an application server is involved, the toolkit was able to find a vulnerability. What could help? Those who are operating the servers need to conduct code reviews and look for potential security flaws, then work to close them as soon as possible.

4. Point-of-sale systems

One of the most deadly attacks imaginable to security experts has to do with the POS systems used in retail operations. We've already seen individual attacks on companies like Target and TJ Maxx in the US, but Eric Cowperthwaite, a vice president for strategy at Core Security, argues that there could be more widespread attacks.