ICO highlights need to apply security updates after Shellshock flaw discovered
Business Articles
Submit Articles Back to Articles
26 September 2014
The
Information Commissioner�s Office is urging organisations and
individuals to make sure that their IT systems are up-to-date.
The warning
comes after the identification of a flaw, referred to by the
researchers who discovered it as Shellshock, which has been found in a
software component called Bash. Bash is a part of many Linux systems,
as well as the OS X operating system used by Apple Macs. The flaw
potentially allows any computer with the vulnerability to be taken
control of remotely.
Security
updates are currently being rolled out to fix this problem and it is
important that those vulnerable to the flaw apply any available updates
as soon as practically possible.
ICO
spokesperson said:
�This flaw
could be allowing criminals to access personal data held on computers
or other devices. For businesses, that should be ringing real alarm
bells, because they have legal obligations to keep personal information
secure. The worst thing would be to think this issue sounds too
complicated � businesses need to be aware of this flaw and need to be
monitoring what they can do to address it. Ignoring the problem could
leave them open to a serious data breach and ultimately, enforcement
action.
�And for
people who are concerned their personal information could be at risk on
their own devices, the message is clear. Don�t think this all sounds
too complicated. Security updates are currently being rolled out -
don�t ignore them, but make sure you apply them as soon as practically
possible.�
Further
information
If you would
like to find out more about the importance of keeping your computer and
other devices up-to-date, advice is available on the software updates section on the Cyber
Streetwise website.
More
detailed guidance for organisations about the importance of applying
security updates can be found in chapter one of our recent IT security report.
Further
details about the vulnerability can be found on the UK National Computer Emergency Response
Team�s (CRT-UK) website.
Notes
1. The Information Commissioner�s Office upholds information
rights in the public interest, promoting openness by public bodies and
data privacy for individuals.
2. The ICO has specific responsibilities set out in the Data Protection
Act 1998, the Freedom of Information Act 2000, Environmental
Information Regulations 2004 and Privacy and Electronic Communications
Regulations 2003.
3. If you need more information, please contact the ICO press
office on
0303 123 9070.
About the Author
The Information Commissioner�s Office is the UK�s
independent authority set up to uphold information rights in the public
interest, promoting openness by public bodies and data privacy for
individuals. We do this by promoting good practice, ruling on
complaints, providing information to individuals and organisations and
taking appropriate action when the law is broken.
The ICO enforces and oversees the following
legislation:
- Data Protection Act 1998
- Freedom of Information Act 2000
- Privacy and Electronic Communications
Regulations
2003
- Environmental Information Regulations
2004
Follow us @Scopulus_News
Article Published/Sorted/Amended on Scopulus 2014-10-02 09:06:45 in Business Articles
All ICO Articles
