According to a new security report published by BlackBerry Ltd., multiple Chinese government-affiliated hacking groups have been infiltrating large Linux-powered data centers across the world.
While the report also mentions the hacking of Android smartphones and Windows machines, the Linux angle is worth more attention as Linux-based machines are generally perceived to be more secure.
Even though Linux isn’t the top choice when it comes to desktop operating systems, it’s known to power about 75% of all web servers and nearly all popular websites and top supercomputers.
What further differentiates the attack on Linux servers is that all of the threat groups performed a coordinated attack, whereas the attacks on Windows and Android machines were more targeted in nature. As a result, a massive volume of web traffic, sensitive IP addresses, trade secrets, and user data is suspected to have been exfiltrated.
The report, titled “Decade of the RATs: Cross-Platform APT Espionage Attacks Targeting Linux, Windows and Android,” states that this infiltration has been going on for nearly a decade. It has been uncovered that a total of five Chinese threat groups performed cross-platform attacks in stealth mode.
The Chinese Government Provided Full Support To Hackers
The report identified that civilian contractors were the ones mainly carrying out these attacks on behalf of the Chinese government. It goes without saying that the authorities have readily supported them with the necessary infrastructure, intelligence, and tools.
Digging further, it was found that the whole operation comprised finding and creating backdoors, rootkit-level attacks (specifically, two kernel rootkits), and build environments that were hard to spot. The researchers therefore expect that the low detection rate has resulted in a high number of affected systems.
The BlackBerry report has become even more important in the wake of the current COVID-19 situation, which has forced a large portion of the workforce to work from home. As a result, critical systems and data centers are left exposed, with not enough security personnel to secure the premises.
“This research paints a picture of an espionage effort targeting the very backbone of large organizations’ network infrastructure that is more systemic than has been previously acknowledged,” according to John McClurg, BlackBerry’s Chief Information Security Officer.