Mirai Security | Cyber Security Blog

Security Impurities: News of the Week (August 31st - September 6th)

Written by Alex Morgan | Sep 6, 2022

Linux Systems Cynicism: Ransomware Attack Trends and Perceived Security

From Android to ChromeOS and beyond, the omnipresence of Linux operating systems and services on the Internet make it an integral part of the digital world. Less targeted by hackers than Windows and macOS, it has often been framed as a "more secure" alternative to these competitors. Perhaps due in part to this reputation (which is not entirely unfounded), its market share continues to grow, expanding into onboard vehicle systems, televisions, and critical infrastructure. This has made the recent increase of ransomware attacks on its servers and embedded systems a worrying trend, as it seems as if this increased adoption has caused many hackers to turn their sights on Linux for the first time. A mid-year report by cybersecurity company Trend Micro released this past Wednesday has revealed that ransomware attacks on Linux systems are up 75% over the first half of 2021, a direction that Trend Micro predicts will continue as Linux entities become more attractive to attackers. This worrisome prediction reveals a fundamental truth about cybersecurity perceptions. Choosing an OS family because of the perception that it is more secure than other, more prominent alternatives without concrete evidence of that fact is incredibly dangerous, as it puts undue trust on systems and services that may not have undergone enough continuous security testing to live up to the hype. As discussed in Cyber Magazine's analysis of the report, there is fear that these attackers will be able to exploit flaws in Linux systems faster than vendors can patch them, which, due to Linux's ever-increasing market share, could spell disaster in an untold number of ways. While Linux systems are forced to adapt to this spotlight, it is essential to remember that security and lack of malicious focus are not the same things.

Id-IoTs: The Rapid Expansion of Internet of Things Devices and Their Security Risks

Organizations and their security do not always see eye-to-eye on balancing innovation and risk. One place where that difference of opinions is keenly felt is regarding the Internet of Things (IoT). In recent years, organizations have significantly increased their output of IoT devices, and cybersecurity teams have been forced to reckon with the fraught security of these devices as this expansion continues. A recent article in Dark Reading has described the pickle this IoT explosion has caused for security teams across many organizations.  has described the pickle this IoT explosion has caused for security teams across many organizations.

What is IoT?

IoT refers to a network of connected devices and technology (the "Things") facilitating communication amongst other devices over the Cloud. IoT can refer to something as small as the network of smart devices one has in their home to something as large as a smart grid that controls energy services for an entire nation.

IoT Cybersecurity Concerns

Dark Reading has revealed that, due to both the proliferation of IoT devices and regulations requiring the disclosure of bugs, the number of disclosed vulnerabilities for IoT devices has risen by 57% in the past six months, as security teams attempt to patch the many bugs inherent to IoT technology. These problems - which can include incorrect access control, an outsized attack surface, and the lack of a trusted execution environment – can require potentially unsustainable security upkeep. Because of the expanding definition of IoT, and the resulting blurred lines and safety concerns regarding what is OT and what is IT, this has the potential to be a problem that gets worse before it gets better. As security teams struggle to secure these ever-evolving environments, organizations should be mindful of reconciling technological ingenuity with security practicality.

Ingenuity with the Bounty: Google's New Program for Combatting Bugs and Supply Chain Attacks

Bug bounties are nothing new, but Google's latest approach to securing its ecosystem has put a novel spin on the concept, and it may have come at the perfect time.

What Is a Bug Bounty?

Bug bounty programs, also called vulnerability rewards programs (VRPs) are crowdsourcing initiatives in which organizations reward individuals that discover and report bugs in their software.

Google's New Bug Bounty Program

Dubbed the Open Source Software VRP (or OSS VRP), Google's program is unique in that it is one of the first to be open-source specific, requesting that bug hunters report particular vulnerabilities that can wreak wide-ranging havoc on the open source landscape. In Google's estimation, these include "vulnerabilities that lead to supply chain compromise, design issues that cause product vulnerabilities, and other security issues such as sensitive or leaked credentials, weak passwords, or insecure installations."

Announced in the same week, a potentially catastrophic vulnerability was discovered in the Github environment of Google's open-source Firebase project. This push to identify and patch bugs is a timely endeavor for the tech giant. Offering rewards from $100 to $31,337 to bug hunters, Google is hoping that the OSS VRP will be able to spot bugs before they can have far-reaching open-source repercussions.