What If The Cyber Attack On Linux Were Successful?

Three lessons learned and a terrific scenario – read until the end! – around hacking the Internet

Luca Vettor
ILLUMINATION

Photo by Alina Grubnyak on Unsplash

Last Easter was a lucky one: a single man accidentally prevented a global disaster. Orchestrated over three years, a supply chain attack aimed to take control of millions of computers.

Have you ever imagined a scenario where cyber attackers could gain access to a massive part of the Internet? It's a scary thought, but unfortunately, it nearly became a reality.

What happened

The target was a widely distributed file compression tool, the open-source xz Utils. Over three years of social engineering, a malicious organization took control of the project and inserted a backdoor.

A half-second slowdown in a Debian Linux distribution was the tiny symptom that led Andres Freund to uncover what was silently happening. A detail saved the world.

Millions of computers could have been affected. Whoever is behind the attack could have taken control of all of them.

What was the purpose? For now, it’s not known, but I have a hypothesis to share with you: let’s get there step by step.

#1: The danger lies in…

Luca Vettor
ILLUMINATION

My 24 years in the IT industry and physics degree flow into my mission: simplify what appears complex.