Η Revelation by the FBI and the NSA that the Russians have succeeded in creating malware targeting Linux systems is the latest twist in the ongoing cyber security battle.
The two services revealed that Russian hackers used a completely new malware for Linux systems, called Drovorub. The malware allowed them to steal files and take control of devices.
The Drovorub It is far from the first malware targeted at Linux and of course it is not the first Russian malware to target Linux devices. Last year Microsoft warned of malware attacking Internet of Things (IoT) devices and in 2018 of malware VPN.
This particular attack shows us that what many claim is malware is a problem only for Windows does not seem to be true, as it was a decade ago.
The reality is that any computer system that provides important work or hosts important data will be targeted. Linux is increasingly the foundation of many different business systems and huge parts of the cloud. Although there are relatively few threats targeting Linux, it will not remain so.
None of the above calls into question the quality of Linux embedded security, which many argue is stronger because of the open source nature it uses. In fact, in this case, the Russian malware only worked on relatively old versions of the Linux kernel.
But Drovorub is a reminder that hackers and malware writers are increasingly willing to target all systems if they think there is a profit, another advantage.
The most dangerous assumption that many organizations make is that they are not going to be a target. This may be because they think their data is not important or because it is very well protected.
Both of these assumptions are wrong. Even if your business is small, you may have customers or suppliers who are interested in hackers, who are usually looking for systems like yours to attack. If you think you are well protected, so do many other billion dollar companies.
The latest revelation shows that all systems and all devices can be targeted, even the ones we least expect. Innovations such as IoT and the cloud simply expand the system that organizations need to maintain. And hackers will not stick to the old-fashioned ideas about which software and which systems are vulnerable to attack.