[Linux-aus] response to ransomware attack

Michael Van Delft michael at hybr.id.au
Wed Jun 28 18:56:20 AEST 2017


> You do realise that just after wannacry hit last time there was a samba vuln released that allowed someone to do exactly the same thing right?
>
> Now is NOT the time to play "My OS is better"

+1 to this, also it's worth remembering that the attackers will go
where the money is / people are. No one is going to bother writing
ransomware for RISC OS Open, even if there were a stack of unpatched
vulnerabilities.

I suspect that if we looked at the number of servers that had been
hosed from hosting out of date WordPress and were now being used to
send spam or serve up malware, Linux wouldn't fare so well.

Windows is more likely to get hit by desktop malware that spreads
through email (the initial infection vector for Petya was a word
exploit CVE-2017-0199, then once on the LAN it spreads through SMB)
because of Windows's massive desktop market share.

While Linux, similarly, is more likely to get hit by web based PHP
exploits because of its massive LAMP web server market share.

--
Michael

p.s. All of the above is anecdotal, from my experiences in many years
of Infosec.


More information about the linux-aus mailing list