In Higher Ed? Here’s the Best Advice You Can Give Your Linux Users
Linux is everywhere in higher education – from the computer science lab right through to the large server fleets that power cutting-edge research, and everything in between. But, like any other software component in the technology stack, the Linux OS is vulnerable to attack – particularly when it’s not patched against known vulnerabilities.
Why is that a danger for higher education institutions? In this article, we’ll take a look at the prevalence of Linux in higher ed, why Linux is also a security risk – and what institutions can do to guard against Linux vulnerabilities.
Linux in All Corners of Higher Education
Linux is a preferred choice for researchers, particularly in scientific and technical fields, because it provides access to powerful computing resources and tools. It’s flexible, open source, and easy to customize – making it ideal for modeling and simulation, data analysis, and visualization.
The Linux OS is also a popular choice for high-performance computing clusters and supercomputers, including for tasks such as climate science, genome sequencing, and nuclear physics simulations. For example, the MIT Supercloud is a large-scale HPC cluster that runs on the Linux operating system. It is used by researchers in a wide range of fields, including physics, engineering, biology, and economics.
Similarly, the National Center for Supercomputing Applications (NCSA) at the University of Illinois operates several HPC systems that use Linux, including Blue Waters, a highly parallel supercomputer used for large-scale simulations and data analysis.
That said, because of its low cost, Linux is also commonly used for routine tasks such as administration, lessons in the computer science class, etc. In fact, the free and open nature of Linux means that you’ll find it being used in just about every corner of colleges and universities.
Threat Actors Need Just One Entry Point
Threat actors use a variety of techniques to gain access to an educational institution’s systems and data, but one common approach is to exploit a single entry point that is often missed or overlooked by the institution’s security measures.
That could be a Linux workstation or server that’s quietly doing its job, somewhere in a quiet department on a vast campus. This Linux system could have an unpatched vulnerability, for example, which enables the threat actor to gain entry.
Once the threat actor gains access, they can then begin to explore the organization’s systems and look for additional vulnerabilities or weaknesses to exploit. They may also use the initial access point to move laterally through the organization’s network, gaining access to other systems and data along the way.
In other words, a single vulnerable Linux system can lead to a large compromise because even a small vulnerability can be enough for a skilled attacker to gain access to sensitive data or systems. From there, the attacker can escalate their access and move deeper into the organization’s network, potentially gaining access to more sensitive data or systems.
Linux OS vulnerabilities can allow attackers to gain unauthorized access, but by patching Linux systems, higher education institutions can mitigate the risk of these vulnerabilities being exploited by threat actors. Patches are released by Linux vendors to fix identified vulnerabilities, and they can help to prevent attackers from gaining access to systems or data through known vulnerabilities.
In contrast, failing to patch Linux systems leaves anything from a simple desktop machine to a critical high-performance computing network exposed to known vulnerabilities that threat actors could exploit to gain unauthorized access. This could allow attackers to move laterally through the organization’s network, gaining access to additional systems and data, and potentially leading to a large compromise.
In other words, to prevent some of the most common attacks, the best advice your Linux users can follow is to patch their Linux OS – and to patch consistently. Where the Linux OS is end of life, e.g. CentOS 6, an upgrade is a first, essential step.
Overall, consistently patching Linux systems is a critical component of a comprehensive security program, and organizations should prioritize patching as part of their regular security maintenance activities. This can help to ensure that their systems and data remain secure and protected from potential threats.
Consider Automated Live Patching
Getting Linux users to patch consistently in a non-commercial environment is, of course, going to be tough. It takes a lot of time to patch, and patching can be disruptive. One alternative is to automate it – and to advocate for the use of live patching tools, such as kpatch from Red Hat, or Canonical’s Livepatch for Ubuntu.
You can also consider implementing a commercial Linux live patching tool such as TuxCare’s KernelCare. With KernelCare, you can automatically live patch most of the commonly used Linux distributions – making it far easier to protect Linux systems in your institutions, and closing one of the most common ways threat actors breach networks.
Either way, educating your users about Linux patching is critical. It matters not just for the headline-grabbing computing systems your institution depends on, but for every single workstation – even the systems your students train on. Patch Linux tightly and you significantly reduce the risk of a breach.