Η Revelation by the FBI and NSA that Russians managed to create one malware targeting Linux systems is the latest twist in the never-ending battle for cyber security.
The two agencies revealed that Russian hackers used an entirely new malware for Linux systems, called Drovorub. The malware allowed them to steal archives and take control of devices.
The drovorub It is far from the first malware targeted at Linux and of course it is not the first Russian malware to target Linux devices. Last year Microsoft warned of malware attacking Internet of Things (IoT) devices and in 2018 of malware VPN.
This particular attack shows us that what many claim is malware is a problem only for Windows does not seem to be true, as it was a decade ago.
The reality is that any computing system that provides significant work or hosts significant data will be a target. Linux is increasingly the foundation of many different business systems and huge parts of the cloud. Although there are relatively few threats targeting Linux, it won't stay that way.
None of the above calls into question the quality of Linux embedded security, which many argue is stronger because of the open source nature it uses. In fact, in this case, the Russian malware only worked on relatively old versions of the Linux kernel.
But Drovorub is a reminder that hackers and malware writers are increasingly willing to target all systems if they think there is a profit, another advantage.
The most dangerous assumption that many organizations make is that they are not going to be a target. This may be because they think their data is not important or because it is very well protected.
Both of these assumptions are wrong. Even if your business is small, you may have customers or suppliers that are of interest to hackers, who are usually looking for systems like yours to attack. If you think you are well protected, many other billion dollar companies thought so too.
The latest revelation shows that all systems and all devices can be targeted, even the ones we least expect. Innovations such as IoT and the cloud simply expand the system that organizations need to maintain. And hackers will not stick to the old-fashioned ideas about which software and which systems are vulnerable to attack.
