The case
Over Easter, sheer luck prevented probably the biggest catastrophe in global IT security. Software developer Andres Freund discovered that the “back door” in the software used worldwide for remote server maintenance had been secretly accessed.
Source: Thomas Krause; NZZ and dnip
The commentary
One cannot help but wonder how this could happen and one must seriously ponder about what can and must be done to prevent this from happening again (find out more in link). Linux and Unix operating systems are not familiar to the general public as these systems are rarely installed on computers and laptops in offices or at home. In contrast, a large proportion of Internet servers use Linux, and according to the analysis platform W3Techs, 85 % of all web servers run on Unix. It seems that the perpetrators were able to access most of the systems, and at this point in time who was behind the attack is still shrouded in mystery though the elaborate procedure and technical skill as well as the fact that the “back door” was only accessible by means of a specific key (mechanism ensuring that cyber criminals or enemy states are prevented from spying or jeopardise the systems) point at professionals. In consequence one must assume that Freund’s discovery unveiled the activities of a foreign secret service. According to Neue Zürcher Zeitung said organisations would have the resources and time for such long-term operations.