Everyone understands the need to protect themselves and their organizations from the threats poised by cyberattackers, malware, viruses and other digital dangers. It’s one of the leading reasons why business and IT leaders are so often afraid of embracing new, unproven solutions. Many of these decision-makers have the mindset that it’s safer to stick with popular systems that have been proven resilient over time.
There’s a problem with this line of thinking, though: popular systems are also vulnerable to all of these cyberthreats, and more. Just because a solution is widely used, does not mean that it is totally safe. Not at all.
The recent emergence of GHOST is a case in point. GHOST is a Linux-specific vulnerability that can potentially compromise users’ control of their systems. Naturally, this could cause tremendous damage to a huge number of individuals and organizations around the world. It should serve as a reminder of the need for open source software security solutions, even when companies are relying solely upon seemingly dependable systems.
A serious threat
The GHOST flaw, identified by cybersecurity firm Qualys, allows cyberattackers to take over users’ mission-critical servers, such as those used for email and webpage hosting, via a malicious code.
“The buffer overflow flaw resides in __nss_hostname_digits_dots(), a glibc function that’s invoked by the gethostbyname() and gethostbyname2() function calls,” Ars Technica explained. “A remote attacker able to call either of these functions could exploit the flaw to execute arbitrary code with the permissions of the user running the application.”
“GHOST affects almost every piece of Linux-based software that performs domain name resolution.”
The source noted that this vulnerability affects almost every piece of Linux-based software that performs domain name resolution. This means that the flaw could spread quickly.
“There could be a lot of collateral damage on the Internet if this exploit gets published publicly, which it looks like they plan to do, and if other people start to write exploits for other targets,” Jon Oberheide, a Linux security expert, told Ars Technica.
Amol Sarwate, director of engineering with Qualys, noted that there have not been any known cases of hackers exploiting the GHOST vulnerability as of yet. However, as Reuters reported, Sarwate emphasized that this does not mean companies using Linux are safe.
“We were able to do it. We think somebody with good security knowledge would also be able to do it,” he said, the source reported.
Clearly, all of this highlights the need for organizations to take preventative measures to protect themselves. But that’s not the only takeaway. Just as importantly, this incident goes to show that many companies could easily be much better protected if they only embraced the right tools and paid closer attention to the cybersecurity threat landscape.
Why? Because, as Ars Technica noted, a patch to fix this Linux vulnerability was released two whole years ago. Yet most versions of Linux currently in use lack this correction.
By investing in cybersecurity tools that can not just protect systems, but also alert organizations of potential weaknesses in need of updates, businesses will be far better able to protect themselves from this and other yet-to-be-discovered software flaws in popular systems.