Linux kernel flaw may give hackers a way in
SUBNET Solutions Inc | Tuesday, March 13, 2012
While Linux is often lauded for its strong security measures, it still isn't immune to all cyber hazards.
Earlier this month, a Linux kernel flaw was discovered that allows hackers to gain root privileges in 64-bit Linux operating systems. Even more alarming, the exploit also allows attackers to leave a "back door" propped open for additional exploitation at a later time, according to PC World.
The high-profile vulnerability, known as CVE-2010-3081, could potentially create problems for all users of 64-bit Linux products, including RHEL, CentOS, Debian, Ubuntu, CloudLinux, SuSE and others. The flaw can be traced back to a problem with the way the Linux kernel validates memory on behalf of its 32-bit system calls.
Since it was first made public, several major Linux users have reported attempts to hack their systems to gain superuser privileges, security firm Ksplice affirmed. Soon after the reports, a number of temporary workarounds were published for RHEL and others; however, modified versions of the exploit could still be used to gain access, the news source stated.
Now, tools are available to determine if machines have already been exploited by looking for the back door that may have been left open. However, a second and similar exploit was discovered not long after corrective tools were made available.
These vulnerabilities are an example of the evolution of malware and a testament to the level of sophistication it has reached. In today's world, it is becoming increasingly important to have a system in place that is proactive - not reactive - to cyber security threats. As the recent problems with Linux show, even the most secure operating systems are vulnerable to cyber threats. This suggests strong security does not lie in which operating system is used, but rather in how the risks associated with a chosen OS are managed.
All over the world, Linux is used in electrical utility substations, potentially putting critical infrastructure at risk. As NERC CIP continues to evolve across North America, utilities will need to take a proactive stance to mitigate the risk of cyber security attacks. Rather than waiting for a vulnerability to become fully exposed - as was the case in the recent Linux issues - operating systems should take a managed approach to cyber security that regularly issues updates designed to resolve the newest set of threats.
For utilities, cyber security is crucial, and has led to the development of NERC CIP standards. SUBNET works with companies looking to install intelligent substations to ensure compliance with these requirements.