Malware beyond Vista and XP: Executive Summary

This article by Magnus Kalkuhl and Marco Preuss provides a brief overview of malware which targets systems other than Windows. It also examines what steps can be taken to protect non-Windows systems or heterogeneous networks.

The vast majority of today’s malicious software is designed to target Windows systems; this sometimes causes people who use other operating systems to believe they are not at risk. However, this is not the case. Malicious programs targeting other systems have been around since the early 1970s; Apple was first targeted in 1982 by the Elk Cloner virus, and it wasn’t until 1986 that MS-DOS compatible malware appeared.

Private households gaining access to the World Wide Web, and Windows gaining a significant market share created ideal conditions for malware to flourish. Although non-Windows systems may seem security heaven, users of alternative systems have to be prepared for malware authors and cybercriminals to start targeting them as well. The greatest threat lies in believing that a system is impregnable, with a consequent refusal to take appropriate security measures.

It’s essential for businesses to secure their networks to protect both sensitive data from theft or manipulation, and network users from malware attacks. The authors offer an overview of some of the options currently available for Linux/ Unix-type installations, including firewalls, intrusion detection and intrusion prevention systems, proxy servers etc.

The article also highlights the fact that it may be difficult to find appropriate security solutions for some non-Windows servers due both to the OS used and the diverse CPU architecture. If appropriate solutions are not available, such systems should be isolated from the network in order to reduce risk as far as possible.

Additionally, networks now include smartphones and other mobile devices which also have to be protected. Increased diversity of devices means the range of platforms is also expanding and this may make it extremely difficult to find security solutions which protect all nodes of such networks.

The authors conclude that although non-mainstream systems can offer certain security advantages, security is by no means guaranteed – for instance, a Solaris desktop system might be considered unconventional, but its server counterpart is a standard system and therefore potentially more prone to attack. Regardless of the operating system, computers and networks should therefore be protected using a combination of complementary technologies.

The full version of the article is available on www.viruslist.com.

This material can be reproduced provided the author, company name and original source are cited. Reproduction of this material in re-written form requires the express consent of the Kaspersky Lab PR department.