A BlackBerry research and intelligence team said five Chinese advanced persistent threat groups have long been attacking Linux servers that "comprise the backbone of the majority of large data centers responsible for some of the most sensitive enterprise network operations."
Particularly worrying is evidence of the attackers using a previously undocumented Linux malware toolkit including at least two kernel-level rootkits and three backdoors, actively deployed since March 13, 2012.
Analysis associated this toolkit with one of the largest Linux botnets ever found, with a significant number of organizations likely infected.
Targets include Red Hat Enterprise, CentOS, and Ubuntu Linux environments for purposes of cyberespionage and intellectual property theft, with researchers describing Linux defensive capabilities as immature at best.
Former U.K. Military Intelligence Colonel Philip Ingram said mitigating such exploits entails "treating [the threats] as if they are ... as much a threat as any other operating system."
Abstracts Copyright © 2020 SmithBucklin, Washington, DC, USA