This year hasn't been good for users of Open Source software, which at one level or another, includes just about everybody. Unfortunately, a recent grim discovery makes it unlikely that we'll see the number of attacks decline any time soon. Not long ago, two new back doors were discovered in more than a dozen libraries that have been downloaded hundreds of thousands of times by server administrators.
Two popular tools have been backdoored
One of them was discovered in Webmin, which is a web-based administration tool that boasts over a million installations.
While the exact date is unknown, sometime in the early part of 2018, someone compromised the server that was used to develop new versions of the program. Once compromised, the unknown assailant used to access to distribute a backdoor that was downloaded nearly a million times and is no doubt actively used by tens of thousands of internet-facing servers. If you're using versions 1.90, 1.91, or 1.92 of Webmin, you are impacted and at risk.
The second recent discovery concerns the RubyGems repository. Here, the backdoor allows attackers to use pre-chosen credentials to remotely execute commands to infected servers. In addition to that, RubyGems developers also discovered that a cryptocurrency miner had been slipped into the code. That allows hackers to hijack infected servers to use their processing power for illicit mining operations, sending the proceeds to the hackers themselves.
These types of attacks can have an incredibly high impact because they tend to affect servers that sit at the heart of critical processes, like sending bulk emails or serving web pages. Unfortunately, once such a system is infected like this, the only way to secure it is to perform a complete rebuild which is a time and resource-intensive task that few business owners want to contemplate.
As Hill Street Blues' Sgt. Esterhaus always advised: "Hey, let's be careful out there!"
Meanwhile, check out this report
This free executive report may give you insights into how to build your business with safe IT environments: 10 Hidden IT Risks That Might Threaten Your Business and 1 Easy Way to Find Them
I am Denis Wilson, President and Principal Consultant for DWP Information Architects. I help professionals grow their business by building a foundation of rock-solid information solutions for smaller healthcare, insurance, financial, legal, and nonprofits firms in Ventura County and San Fernando Valley. And have created cost-effective IT solutions, for over 20 years, specializing in cybersecurity and regulatory compliance. I am also a published author and speaker, working extensively with a variety of organizations, as well as providing small business technology education programs through business and professional associations. This just in: I will be speaking regularly at California Lutheran University's Center for Nonprofit Leadership starting in September.
Contact me if you would like me to speak at your association.