Red Hat Hacked, Company Issues Security Advisory

In a sign that hackers have no problem taking advantage of open source solutions, Linux-based product distributor Red Hat issued a "critical" security advisory on Friday, saying that its servers had been compromised.

In the advisory, Red Hat warned that hackers had somehow taken control of its systems by tampering with code. The attack was discovered last week. The intrusion was not systemic and didn't affect the company's content distribution programs. Consequently, malicious code was not uploaded to users of Red Hat's products.

There were early indications that something might be awry on the week of August 12, when scattered reports indicated that Red Hat's flagship Fedora OS was rebooting continually, causing intermittent outages. The culprits have yet to be identified.

The hackers got hold of a small number of OpenSSH packages relating only to Red Hat Enterprise Linux. OpenSSH, or Open Source Secure shell, is a set of programs that provide encrypted code transference over a network using secure shell protocol. OpenSSH is a free software alternative to a commercial solution produced by Finish IT company SSH Communication Security, which patented the SSH protocol technology.

Security experts say that this hack has lasting implications for the Linux movement and open source security.

"It's true that hackers can and will take advantage of a development and distribution program that's not like Windows," said Reuben Davis, a consultant for Affiliated Computer Services, a large IT services outsourcer. "Intruders capitalize on the geek factor of Linux and there are no licensing restrictions or elaborate security programs backed by big R&D teams; it's an anonymous community."

Microsoft Security Engineer Robert Hensing weighed in on the Red Hat security problem in his blog on Friday.

Hensing said he couldn't "imagine what the fallout would be" if programs such as Windows Update and Automatic Update servers "got pwnd [owned] like [RedHat]." 

"It's like the package signing server and stuff….[Red Hat] seems to be doing the right thing and are going to issue new signing keys etc. and will hopefully revoke the old ones," he added.

About the Author

Jabulani Leffall is an award-winning journalist whose work has appeared in the Financial Times of London, Investor's Business Daily, The Economist and CFO Magazine, among others.


  • SameSite Cookie Changes Rolled Back Until Summer

    The Chromium Project announced on Friday that it's delaying enforcement of SameSite cookie changes, and is temporarily rolling back those changes, because of the COVID-19 turmoil.

  • Basic Authentication Extended to 2H 2021 for Exchange Online Users

    Microsoft is now planning to disable Basic Authentication use with its Exchange Online service sometime in the "second half of 2021," according to a Friday announcement.

  • Microsoft Offers Endpoint Configuration Manager Advice for Keeping Remote Clients Patched

    Microsoft this week offered advice for organizations using Microsoft Endpoint Configuration Manager with remote Windows systems that need to get patched, and it also announced Update 2002.

  • Azure Edge Zones Hit Preview

    Azure Edge Zones, a new edge computing technology from Microsoft designed to enable new scenarios for developers and partners, emerged as a preview release this week.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.