Ransomware on Linux – Think you’re off the hook?
You have to feel for all Windows support teams worldwide right now after being hit with the largest ransomware attack in internet history. Wannacry has meant a busy weekend of tedious manual effort for critical systems that do not auto-patch, or are so old a Windows version no patch was available from Microsoft.
There has been a fair amount of gentle, (and not so gentle) crowing from solution providers running on other technical platforms in press releases in the past few days.
However in the Linux and UNIX based world we have exactly the same issues and pressures right now. All kinds of operating system major editions, AIX 6.X, Ubuntu 12.04, Red Hat El 5, CentOS 5 and Oracle Linux 5 have recently End-of-Life’d in the past two months. In addition Wikileaks has not finished divulging the last burp of nation-state hoarded exploits, and we have no idea which OS versions they may affect.
FoxT is about to release shortly a new product version of ServerControl. Pressure from the market has frankly required us to consider supporting some of these publicly expired OS editions, as customers need time to migrate critical data and processes onto new platforms.
Yes credit card processing intermediaries are failing PCI audits already this quarter, yes healthcare providers will fail their next intermediate HIPPA report. In the real life of running IT change projects take time, Linux staff are still scarce resources, and the business units, who pay for all this, have been dealing with relentless margin squeeze since 2008.
I don’t even want to look at the number of VMs or system images in private or public clouds right now running these “expired” editions. If they’re still running at all for your organization, next weekend’s panic could be your turn.
By: David Dingwall, VP of Product Marketing