{"id":9725,"date":"2017-10-06T04:30:07","date_gmt":"2017-10-06T12:30:07","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2017\/10\/06\/news-3498\/"},"modified":"2017-10-06T04:30:07","modified_gmt":"2017-10-06T12:30:07","slug":"news-3498","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2017\/10\/06\/news-3498\/","title":{"rendered":"Step aside, Windows! Open source and Linux are IT\u2019s new security headache"},"content":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/images.techhive.com\/images\/article\/2014\/04\/businessman-with-stress-headache-on-white-123194782-100264759-primary.idge.jpg\"\/><\/p>\n<p><strong>Credit to Author: Preston Gralla| Date: Fri, 06 Oct 2017 04:20:00 -0700<\/strong><\/p>\n<p>Windows has long been the world\u2019s biggest malware draw, exploited for decades by attackers. It continues today: The Carbon Black security firm analyzed 1,000 ransomware samples over the last six months and <a href=\"https:\/\/www.carbonblack.com\/2017\/09\/21\/mass-scale-ransomware-attacks-providing-hackers-ability-earn-quick-money\/\" rel=\"nofollow\" target=\"_blank\">found that nearly 99% of them targeted Windows<\/a>.<\/p>\n<p>That\u2019s not news for IT administrators, of course. But this might be: Linux and other open-source software are emerging as serious malware targets. Several recent highly publicized attacks exploit holes in open-source software that many enterprise admins once considered solidly safe.<\/p>\n<p>Let\u2019s start with the big one: the recently disclosed <a href=\"https:\/\/www.csoonline.com\/article\/3223229\/security\/equifax-says-website-vulnerability-exposed-143-million-us-consumers.html\" target=\"_blank\">Equifax break-in<\/a> that resulted in the private information of 143 million people being stolen, including Social Security numbers, birth dates, addresses and more. Typically, when you find the cause of a breach like this, it involves Windows. 
That\u2019s not the case with the Equifax hack, though.<\/p>\n<p>A web application vulnerability in the widely used open-source Apache Struts web development framework allowed attackers to break into Equifax and do their damage. The framework is used by many enterprises in education, government, financial services, retail and media. Even though the vulnerability was first <a href=\"https:\/\/www.networkworld.com\/article\/3178657\/security\/hackers-exploit-apache-struts-vulnerability-to-compromise-corporate-web-servers.html\" target=\"_blank\">discovered and patched<\/a> back in early March, <a href=\"https:\/\/arstechnica.com\/information-technology\/2017\/10\/a-series-of-delays-and-major-errors-led-to-massive-equifax-breach\/\" rel=\"nofollow\" target=\"_blank\">Equifax didn\u2019t install the patch<\/a> until after it found it had been hacked.<\/p>\n<p>Sound familiar? It should. That\u2019s typically how Windows attacks proceed \u2014 enterprises don\u2019t get around to patching Windows to close security holes, and hackers take it from there. A recent study by Adaptiva, which offers security and management solutions for network endpoints, found that <a href=\"https:\/\/www.adaptiva.com\/blog\/2017\/adaptiva-reveals-results-2017-enterprise-endpoint-security-survey\/\" rel=\"nofollow\" target=\"_blank\">49% of all enterprises surveyed<\/a> said that their biggest security challenge was keeping Windows and Windows applications updated. And 59% said it takes a month or more to update Windows throughout their enterprise.<\/p>\n<p>It appears as if Linux and open source are becoming a similar security headache for companies. Ian Folau, CEO of GitLinks, which specializes in security for open-source software, <a href=\"https:\/\/www.infoworld.com\/article\/3227049\/application-security\/why-the-equifax-security-threat-isnt-over-yet.html\" target=\"_blank\">warns in an InfoWorld blog <\/a>that at least half of all Fortune 100 companies use Struts. 
He adds, \u201cLess than 10 percent of companies are monitoring open source in their company, so even if these companies wanted to update their versions of Struts, they would have a hard time figuring out which applications were using Struts.\u201d He believes that many other attacks will be launched using the Struts vulnerability because it will remain largely unpatched.<\/p>\n<p>The Equifax attack isn\u2019t the only big one involving open source or Linux to have emerged recently. The <a href=\"https:\/\/www.computerworld.com.au\/article\/627236\/warning-over-blueborne-bluetooth-attack-vector\/\" target=\"_blank\">\u201cBlueBorne\u201d attack vector<\/a> exploits vulnerabilities in Bluetooth implementations. It can be used to take over a device and use it to spread malware or ransomware and become part of a botnet. At risk are almost 5.3 billion devices worldwide that use Windows, iOS, Android and Linux-based operating systems. Among the Linux devices that are at risk are Samsung\u2019s Gear S3 smartwatch, a number of Samsung televisions, some models of drones and many Tizen devices, as well as some Linux desktop PCs and servers.<\/p>\n<p>Some industry watchers predict even more attacks targeting open source and Linux in the enterprise. A Carbon Black blog post, \u201c<a href=\"https:\/\/www.carbonblack.com\/2017\/09\/22\/7-predictions-ransomwares-evolution\/\" rel=\"nofollow\" target=\"_blank\">7 Predictions for Ransomware\u2019s Evolution<\/a>,\u201d warns, \u201cWe believe ransomware will increasingly target Linux systems in an effort to further extort larger enterprises. For example, attackers will increasingly look to conduct SQL injections to infect servers and charge a higher ransom price. 
We have already observed attacks hitting MongoDB earlier this year, which provide an excellent foreshadowing.\u201d<\/p>\n<p>The attacks Carbon Black mentioned happened this past January, when <a href=\"https:\/\/www.scmagazine.com\/mongodb-databases-under-attack-worldwide\/article\/629601\/\" rel=\"nofollow\" target=\"_blank\">open-source MongoDB databases around the world were hacked<\/a> and data was taken from them and held for ransom.<\/p>\n<p>All this isn\u2019t to say that Linux represents a greater threat to enterprises than does Windows. Windows is dominant in the enterprise, and as long as that\u2019s the case, it will remain the primary target. But attackers have a way of going after low-hanging fruit, and IT admins aren\u2019t as used to open-source software being under attack as they are Windows. So expect more, larger attacks on open source and Linux in the enterprise as IT admins try to figure out how to protect them as well as Windows.<\/p>\n<p><a href=\"https:\/\/www.computerworld.com\/article\/3230225\/security\/step-aside-windows-open-source-and-linux-are-it-s-new-security-headache.html#tk.rss_security\" target=\"bwo\" >http:\/\/www.computerworld.com\/category\/security\/index.rss<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/images.techhive.com\/images\/article\/2014\/04\/businessman-with-stress-headache-on-white-123194782-100264759-primary.idge.jpg\"\/><\/p>\n<p><strong>Credit to Author: Preston Gralla| Date: Fri, 06 Oct 2017 04:20:00 -0700<\/strong><\/p>\n<article>\n<section class=\"page\">\n<p>Windows has long been the world\u2019s biggest malware draw, exploited for decades by attackers. 
It continues today: The Carbon Black security firm analyzed 1,000 ransomware samples over the last six months and <a href=\"https:\/\/www.carbonblack.com\/2017\/09\/21\/mass-scale-ransomware-attacks-providing-hackers-ability-earn-quick-money\/\" rel=\"nofollow\" target=\"_blank\">found that nearly 99% of them targeted Windows<\/a>.<\/p>\n<p>That\u2019s not news for IT administrators, of course. But this might be: Linux and other open-source software are emerging as serious malware targets. Several recent highly publicized attacks exploit holes in open-source software that many enterprise admins once considered solidly safe.<\/p>\n<p class=\"jumpTag\"><a href=\"\/article\/3230225\/security\/step-aside-windows-open-source-and-linux-are-it-s-new-security-headache.html#jump\">To read this article in full or to leave a comment, please click here<\/a><\/p>\n<\/section>\n<\/article>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[11062,10643],"tags":[10629,10496,714],"class_list":["post-9725","post","type-post","status-publish","format-standard","hentry","category-computerworld","category-independent","tag-cyberattacks","tag-linux","tag-security"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/9725","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=9725"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/p
osts\/9725\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=9725"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=9725"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=9725"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}