Explain the Dirty COW Linux kernel vulnerability using the OWASP web application risk rating methodology and how the Cloud Control Matrix can be used to defend an enterprise from a similar attack.
- [Instructor] Our first case study involves a vulnerability in the Linux operating terminal called Dirty Copy-on-Write. It affects all Linux-based operating systems, including Android, that use older versions of the kernel. In it, a malicious actor exploited this software bug in order to get root-level control of the company's computers. The fault allowed for undetectable privilege escalations. Local escalation was then used with other exploits to execute non-privilege code and achieve remote root shell. This attack preyed on untrained employees, weak IT governance, under-developed technical risk management, and a lack of telemetry within the cloud computing environment. With the now vulnerable system, the attacker was able to exfiltrate data and user credentials, leading to account hijacking and unauthorized system access. The financial impact of this type of attack can vary, depending on the type of system affected. Organizations are more liable to suffer financial penalties stemming from data protection and privacy violations. Data and system control loss will also sow doubt regarding data integrity, ideality, lineage, and provenance. Much needed controls included AIS-02 customer access requirements, CCC-03 quality testing, and BCR-01 business continuity planning. Key takeaways are the need for employee training, especially around social engineering, and the need to continually perform activity baseline monitoring across your organization.