Linux and Macintosh Systems Will Be Attacked Increasingly

This blog entry explains the fifth of my ten predictions concerning events and trends that I predict will occur in 2008. This prediction is:

5. Attackers will continue to shift their focus away from attacking Windows systems and towards attacking Linux and Macintosh systems.

Over the years, patterns of attacks have changed drastically. Two decades ago, attacks such as brute force password-guessing attacks were among the most prevalent of attacks. Today few such attacks occur. The same is true for attack targets. Two decades ago VMS systems were the preferred targets of attack. From the mid- to late-1990s until this year, Windows systems have been targeted more than any other type of system. I predict, however, that Windows systems will soon lose the allure that they have had for attackers for so many years and that Linux and Macintoshes will be the new preferred targets.

There should be little mystery concerning why Windows systems have been so frequently attacked for so long. Three major factors have come into play:

1.    Windows systems have typically proven to provide a target-rich environment for attackers. Until only several years ago, new releases of Windows operating systems were bug-ridden, allowing attackers many options regarding ways to gain unauthorized access to systems and also (more importantly) to gain unauthorized Administrator or SYSTEM privileges.

2.    Windows users constitute an unusually weak link with regard to security. Users of Windows systems tend to be the most naïve of all when it comes to knowledge of sound security practices, in part because of the extreme ease-of-use of Windows user interfaces and in part because Windows systems tend to be very affordable for home users compared to other types of systems. Despite warnings, these users continue to engage in dangerous computing practices such as opening attachments that they are not expecting, visiting dangerous Web sites, and failing to install badly-needed patches.

3.    Animosity towards Microsoft. For a variety of reasons, many attackers and authors of malicious code have had hostile attitudes towards Microsoft and its products.

Attackers’ preferences are already changing, however, in that they are now focusing an increasing amount of attention on Macintoshes and also on Linux systems, a trend that is likely, if anything, to grow even more. For example, the last ShmooCon Conference (which, by the way, I consider to be one of the best one or two conferences for technically-oriented security people available anywhere) focused far more on attacking Macintoshes than any other type of system. Why? Again, a variety of reasons exist, including:

1.    Boredom. The attacker community has mercilessly attacked Windows systems for years using a variety of methods. After all these years, however, the “thrill” of attacking Windows systems has subsided substantially. This community is thus not surprisingly turning its attention to new challenges that include attacking other systems such as Linux and Macintosh systems.

2.    Windows systems have become more difficult to attack. First and foremost, Windows systems are now far more secure after installation than ever before. Microsoft’s Trusted Computing Initiative (TCI), which Bill Gates started nearly five years ago, among other things mandated much better security engineering in Microsoft’s software development process than ever before. This initiative has over time proven to be highly successful, as shown by the much better out-of-the-box security of Windows operating systems such as Windows Server 2003 and Windows Vista. Microsoft is also now doing a much improved job of creating and distributing patches for these systems.

3.    The number of vulnerabilities being discovered in Linux and Windows is larger than one might suspect. Vulnerability statistics such as those at secunia.com show that a substantial proportion of the security-related vulnerabilities found and reported are in Windows, Linux, and Unix systems (including Macintosh 10.x systems), not merely in Windows systems. The many vulnerabilities in Linux and Macintosh systems thus also help create a target-rich environment for attackers.

4.    Linux and Macintosh users make up an increasing proportion of casual users. The increasing popularity of Linux and Macintosh has resulted in a substantial growth in the number of casual Linux and Macintosh users. Their knowledge of good security practices is no higher than that of Windows users, leaving them and their systems highly vulnerable to attacks.

5.    Operating systems other than Windows systems often facilitate script-based attacks. Scripting provides a very powerful way to attack systems. Linux and Unix provide the richest and most readily available scripting environment.

