New "Ghost" vulnerability prompts warning from Homeland Security Department
A new vulnerability called "Ghost" has emerged as a threat to computer systems, cautions PCI Security Standards. The United States Department of Homeland Security has issued a warning to users of Linux GNU C Library operating versions prior to 2.18. By remotely executing a code, hackers can take control of a system to install malware, manipulate files and carry out other illegal activities with stolen credentials, reports Mobile Payments Today.
The warning was released through the United States Computer Emergency Readiness Team, and PCI Security Standards Council made suggestions for companies to protect their secure payment card data in light of the new threat:
- First, companies should work with IT departments to find systems, servers and pieces of hardware that run a targeted version of glibc. This discovery process can reveal vulnerabilities so that firms can address them.
- Second, they should consult Vulnerability Note VU#967332 and respond by following recommendations outlined therein.
- Third, affected or vulnerable businesses should discover the appropriate patch for their systems, networks and appliances. As soon as possible, implementing the proper patch can save your business from the threat of intrusion.
- Finally, companies should review PCI Data Security Standard 3.0 for other suggestions for resolving vulnerabilities. Securing public-facing apps, monitoring systems for abnormal activity and continuing to conduct quarterly reviews can limit the risk for companies.
"Additionally, the council recommended a daily coordinated focus on maintaining the controls outlined in the PCI Standards — making payment card security a business as usual practice — provides a strong defense against data compromise," reports Mobile Payments Today.
We understand the critical nature of ensuring security for credit card merchant services. By taking the proper precautions, businesses can protect themselves from "Ghost" and other vulnerabilities as they arise.