Lockbit 2.0

Hi Team,

I work for a small/medium UK company that has been hit by a ransomware attack: Lockbit 2.0.

I’ve used Ubuntu a few times, and know what a terminal is, so I became our overnight Linux expert. (Me and 2 devs with some non-security Linux knowledge.) We have been told the Mac and Linux equivalent doesn’t exist yet.

Our Linux systems are minimal, and mostly a few networked Raspberry Pis for R&D, and I’m guessing the onboard computers of a few 3D printers.

We are talking with security experts now, but I wanted to get an idea of what the risk was to these Linux systems:

  • The attack spreads via group permissions when logging in to the domain - we assumed we were safe here as Linux doesn’t log in to the domain in this way.
  • It runs a .exe file to encrypt - none of our Pis have Wine installed - so likely another reason this is good.

So we fed back that it is likely low risk - but if we were worried we should just flash them and start again.

Any insider information would be greatly appreciated, and if our above assumptions are wildly inaccurate I’d love to hear it!

Thanks in advance,

Kingly*

*Sorry - dyslexic! Noticed this isn’t spell checked…