Communications of the ACM
Linux Security: Chinese State Hackers May Have Compromised 'Holy Grail' Targets Since 2012
Five Chinese threat groups have spent the last eight years attacking Linux servers that "comprise the backbone of the majority of large data centers responsible for the some of the most sensitive enterprise network operations," a BlackBerry research and i
Credit: Getty
A BlackBerry research and intelligence team said five Chinese advanced persistent threat groups have long been attacking Linux servers that "comprise the backbone of the majority of large data centers responsible for the some of the most sensitive enterprise network operations."
Particularly worrying is evidence of the attackers using a previously undocumented Linux malware toolkit including at least two kernel-level rootkits and three backdoors, actively deployed since March 13, 2012.
Analysis associated this toolkit with one of the largest Linux botnets ever found, with a significant number of organizations likely infected.
Targets include Red Hat Enterprise, CentOS, and Ubuntu Linux environments for purposes of cyberespionage and intellectual property theft, with researchers describing Linux defensive capabilities as immature at best.
Former U.K. Military Intelligence Colonel Philip Ingram said mitigating such exploits entails "treating [the threats] as if they are ... as much a threat as any other operating system."
From Forbes
View Full Article
Abstracts Copyright © 2020 SmithBucklin, Washington, DC, USA
No entries found