[Info-vax] Some attackers are going after older operating systems
Arne Vajhøj
arne at vajhoej.dk
Wed Oct 20 11:19:52 EDT 2021
On 10/20/2021 9:02 AM, Simon Clubley wrote:
> On 2021-10-20, Arne Vajhøj <arne at vajhoej.dk> wrote:
>> On 10/20/2021 8:14 AM, Simon Clubley wrote:
>>> For those of you who think that only the currently fashionable systems
>>> get probed, this is an article for you:
>>>
>>> https://www.theregister.com/2021/10/20/linux_solaris_under_attack_at_telcos/
>>>
>>> Basically, the article claims other operating systems are being
>>> probed precisely because they are _NOT_ being watched by infosec teams.
>>
>> Actually the article says that the current fashionable and
>> biggest server marketshare OS Linux is being probed because
>> infosec has more focus on Windows.
>>
>
> Erm, Arne, did you miss the Solaris references in the URL and in the
> article ?
>
> Solaris occupies the same places in organisations that VMS does and
> by now probably also has the same "something different" mindset about
> it to those organisations.
They also went after Solaris. And Solaris is niche today like VMS.
But the fact that they did go after Linux showed that the attackers
were not specifically going after older niche systems.
The premise that infosec teams are not watching Linux
and Solaris systems are also highly questionable.
The other argument "critical telecommunications infrastructure running
on those operating systems" on the other hand sounds way more plausible.
For a targeted attack you attack whatever OS you need to attack.
If that critical infrastructure had been running on VMS and Windows
then they would have had to attack VMS and Windows.
Arne
More information about the Info-vax
mailing list