According to the revelation from the FBI and NSA (National Security Agency) that the Russian military intelligence has built malware to mainly target Linux systems. And which can be the latest dramatic twist in the unrelenting cyber security battle.
These two agencies have revealed that the Russian hackers have been using previously-undisclosed malware for the Linux systems, which is known as Drovorub (a part of their undercover cyber operations). This malware allowed hackers to steal files and also take over the devices.
The Drovorub is not only malware to target Linux, and it’s not even the first piece of Russian malware which targets Linux devices. Last year Microsoft also warned about the malware which was attacking IoT (Internet of Things) devices. Back in 2018 the VPN Filter malware targeted routers, which also seemed to be the work of Russian state-backed hackers. And it’s not just about state-backed hackers that Linux has to worry about. There’s also some evidence of password stealing malware and also suggests that ransomware gangs are trying to target Linux too.
Many of us still assume that malware is only a problem for Windows. But that might have been more believable a decade ago. Now the reality is that any computer system will now be a target if it builds up significant market share or plays host to value data. Linux is increasingly becoming the foundation of many different business systems and vast parts of the cloud.
None of this is a question to the quality of Linux’s inbuilt security, which is truly stronger because of the open-source nature of the code. In this case, malware only works against the old versions of the Linux kernel. But Drovorub is an example that hackers and malware writers are strongly willing to target any systems if they think there is a profit in it or simply the opportunity for chaos – to be had.
The most dangerous assumption that many organisations make about this is that they are not going to be a target. And that might be because they think they are too unimportant or because they are well-protected. Well, both of those assumptions are wrong. Even if your business is modest, but you may have customers or suppliers who are more interesting to hackers. And due to this hackers, therefore, use your systems as a route to attack them. And if you think you are too well defended to be a victim? Well, there are plenty of billion-dollar companies who thought the same and at the end they were wrong.
Now, this latest revelation shows that all systems and devices can, and probably will be targeted, even the ones which we expect least. Innovations like the IoT and cloud simply broaden the threat surface organisations will have to secure. And hackers will not follow old fashioned ideas about what software and systems are vulnerable to attack. In the end, we can say that our self-satisfaction about our security is our biggest threat.