[BreachExchange] Linux Security – The Next Big Target for Cyber Criminals

Audrey McNeil audrey at riskbasedsecurity.com
Thu Sep 29 20:27:33 EDT 2016


http://www.tripwire.com/state-of-security/security-data-protection/cyber-security/linux-security-the-next-big-target-for-cyber-criminals/

As cyber security threats against both consumers and companies continue to
evolve and expand, we observe a shift from the traditional Trojans and
worms to more complex malware that can truly devastate a system.

Contemporary viruses execute their payloads in stages and can
dynamically affect different parts of the target system. The biggest
problem is no longer merely defending a network from intrusion –
security experts need to put in place preventative measures that guarantee
a strong defense against potential attacks and ongoing campaigns.

The facts state that the most popular operating system for servers is
Linux. The choice is natural for system administrators – it is an open
source technology, runs all important software products, and the hacker
community and mindset contribute to its effectiveness in a corporate
setting.

But as newer and more complex malware continues to evolve, we need to take
a closer look at the security issues that continue to be a weakness in this
operating system.

FRAGMENTATION

The most widely discussed issue, and one that has been debated for many
years now, is the fragmentation problem. Thousands of different
distributions exist, and that poses a problem for many. Yes, there are only
a few main distributions that function as a base for creating new
derivatives, but as the smaller distributions develop and evolve, they
introduce new changes that sometimes impact security.

This is why we have witnessed several attacks against one specific
distribution that exploit a weakness introduced by a feature unique to
it. Remember that Android is powered by Linux and ransomware
threats against the mobile operating system have spiked.

Fortunately, the open source developers, especially project managers,
respond very quickly to security reports.

BEAST BATTLES

In the Linux world, diversity can sometimes introduce problems. On the
desktop, we see users debating between the “two beasts” GNOME and KDE. As
this debate will probably never end, similar situations are found in the
server world, as well.

Linux powers a variety of different applications – servers, firewalls and
other critical systems for every business. System administrators often
debate whether or not to use a certain technology or a specific service.
Other operating systems do not have the diversity of software solutions
that Linux offers and this produces another problem similar to the
fragmentation issue.

Operating different technologies and being up-to-date about all of their
features and security can be hard for administrators. Criminals use this to
craft clever exploits that deliver payloads against multiple products.

A FUN TIME SCAMMING USERS

Linux users often search for guides, tutorials and how-tos for fixing
problems that they may encounter. The newer generation of users may not be
comfortable with the traditional hacker communities that operate in IRC
channels or local LUGs (Linux User Groups). This fact may be used by
malicious users who may devise phishing sites containing such instructions.
New ransomware variants now target Linux users, too.

ALMOST ALL MAJOR IOT APPLIANCES RUN LINUX

We have read the reports and witnessed the results. The current security
state of the Internet of Things (IoT) is horrible. Updates are not issued
promptly; the users leave the default configuration as it is and the cyber
criminals have taken advantage of that.

So many smart appliances have been compromised that security experts
worldwide have called for the creation and adoption of security policies
that are specific to the IoT devices. Until then, device owners should
follow some of the good security practices for the Internet of Things.

CONCLUSION

All in all, Linux security is a very exciting field in cyber security
research. The challenges that the open source nature of the system presents
can be overwhelming at times. Linux is a unique ecosystem that not only
guarantees good performance but also an expansive array of opportunities.

The operating system continues to grow in popularity, and that is a
well-known fact. But will developers continue to maintain caution and
address the security problems that are identified in time?

Thousands of IoT devices go online every month and most of them run Linux.
Will their weaknesses plague the rest of the Linux ecosystem? We will have
to wait and see what happens after Linux’s 25th birthday.