A new security research report published by Blackberry, “Decade of the RATs Research Report”, identified a long-running and systematic attack on Linux, alongside Windows and the Android mobile OS.
While significant resources are spent on identifying and blocking Windows vulnerabilities, the same cannot be said of Linux.
The general consensus is that Linux is more secure and therefore needs less intervention. In reality this is not the case; a more likely explanation for the limited threats directed at Linux is the relatively small number of Linux machines (approx. 2%) compared to Windows and Mac.
The groups identified comprise a loosely linked group of civilian contractors likely working in the interest of the Chinese Government. They identify vulnerabilities, develop tools to exploit them, and share this information amongst their group and with their government counterparts.
Eric Cornelius, chief product architect at Blackberry, also shared where he believes future attack vectors are likely to be focused. He shared his view that the biggest future risk is likely to be mobile devices.
Security companies have only recently started developing security products for these platforms and many devices are still unprotected. There have been numerous identified compromises on these platforms, many coming from government and government-backed organisations.
A popular compromise approach is to mask the compromise as adware. People will see the adware as a minor annoyance, thereby masking the true threat of the compromise on the device. Many devices now hold confidential security information and can be used as personal authentication devices – any compromise can have wide-ranging impacts and should be taken seriously.
The lesson to be drawn from the report is to study past threats as well as future risks. Previous threats are often used as the basis for new attacks, and knowledge of them is vital in protecting against future ones.