Run Microsoft(Powershell) Software On Linux? More Risk

Did you think it would never happen? Microsoft and Linux are increasing in their ties to each other.

So as we protect systems in our networks, we are increasingly incorporating Linux systems for various reasons, Web servers, specific SQL server database needs  or other reasons (file sharing or other support systems).

A potential threat vector to the Microsoft Windows environment/ network could be the Linux machine. Especially if Microsoft Powershell  commands can be run on a Linux machine. Now you can truly have any machine  that is taken over be the breach entry that takes down your network.

How is this possible (viewing Internet Storm Center posts)? By installing a number of software pieces:

  1. First install Powershell itself
  2. Second install Mono (an open source implementation of Microsoft’s .NET framework)
  3. Install OpenXML
  4. Now you can run Powershell

This is an interesting development as it means that even a Linux machine can be turned into a sophisticated attack machine into your environment.  Of course we knew that as Kali Linux has specific attack tools. But now we are not using attack tools but Microsoft tools running on Linux.

I want to switch directions a little bit and discuss the problems of directing a company:  By stating “Business Decisions” — “External Pressure”  in a Risk Assessment discussion.

The cybersecurity – world of vulnerabilities is in the space of “External Pressure”, but I wanted to create a picture of the whole world of Risk for a company. And the risks are in Supply Chain,cloud, leadership/labor,change in technologies.  When one sees risk for the company in its totality, the new vulnerabilities risk is much smaller in comparison to the others. especially if the other risks are changes in competitors(Amazon) or changes in environment.

It is only when some news event comes into the fore, like a major breach, then it is obvious that Cybersecurity needs to be reviewed periodically.

Of course if one did that in the first place, then one can focus on the market and technology changes.

This is the problem we computer risk professionals wage, as the CEO/CFO are forever working the major problems for the company, and they rarely see cybersecurity as a major threat – due to much more important problems for the company.

Contact Us to discuss how we can let you focus on more important things, let us do some of the Cybersecurity items.

Advertisements

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.