In the past, “infections” were usually only a matter for PCs and laptops running Microsoft’s Windows operating systems. Windows users should (and, at CERN, must!) apply due diligence to protect their system by, for example, safe browsing and avoiding opening attachments from dubious sources (“Stop – Think – Don’t click”). Users of Linux or MacOS operating systems were thought to be less prone to such kinds of infections… but that is plain wrong.
Computer viruses usually exploit weaknesses and vulnerabilities in the underlying operating system. As the erstwhile market leader, Windows was the number one choice for cyber-attackers due to its large market share. The success rate in infecting Windows PCs was very high. But this has changed in two ways. First of all, MacOS has become very popular too, and cyber-attackers now also target devices running MacOS and iOS – as well as Android tablets and smartphones. Secondly, attackers are focusing less and less on the weaknesses of the operating system, but are increasingly looking into the vulnerabilities of software applications. The best outcome for hackers is if these applications work on all three major operating systems (Windows, MacOS, Linux), like Adobe Reader or Mozilla Firefox. With one good vulnerability, you can exploit them all… An excellent example is the recent publication of a vulnerability in the beloved “Ghostscript” application (and subsequently in “ImageMagick” and “GraphicsMagick”): with one malicious PDF, XPS, PS or EPS document and one single unsuspecting click by the innocent user, your Linux computer is a goner. The operating system infiltrated. All files exposed. Any communication tapped. This sort of thing from our Bulletin article on “Protect your Family”. Game over, Linux.
So, Linux and MacOS folks: do as the Windows people do. Be diligent when receiving unsolicited e-mails with weird attachments (see our Bulletin article on “A free click for your awareness”). Stop and think before clicking on weird-looking web links or URLs stemming from unknown or untrustworthy sources (“Curiosity clicks the link”). And always keep your operating system and all applications up-to-date. “Yum autoupdate” is your best friend.
Do you want to learn more about computer security incidents and issues at CERN? Follow our Monthly Report. For further information, questions or help, check our website or contact us at Computer.Security@cern.ch.