Mitigate Baron SameEdit (CVE-2021-3156) vulnerability

Starting the New Year with the Same Old Cybersecurity Plan? It’s Time to POLYMORPH Your OS!

By Archis Gore

It’s the beginning of a new year and a whole new decade.

If you’re anything like me, you’ll be taking a little time to mentally take stock of everything that happened over the past 12 months. And looking forward, you’re probably beginning to make new plans and resolutions for the future.

In many ways, 2019 was a record-breaking year with a fair share of highs and lows.

From a professional perspective, one statistic that stood out for me was the sheer volume of cybersecurity attacks and data breaches over the year. While final figures have yet to be analyzed for the full year, estimates suggest data breaches have increased by over 30% from 2018 and the number of records exposed has more than doubled[1]. With the average cost of a data breach in the US running at over $8 million[2], this is an ongoing problem that simply can’t be ignored.

These figures may not be a surprise – and your initial reaction might be that this is one of those “doom and gloom” blogs that are purely about the risks and threats. But before you stop reading, let me assure you that it’s not. I want to put the spotlight on something much more uplifting and positive.

Read on if you’d like to find out how to better protect your organization.

Confounding the Hackers

Over the past decade, nefarious hackers have largely been behind the exponential growth in data breaches. They’ve been working hard to exploit code vulnerabilities and undermine our defenses. In many ways, we’ve been making it easier for them. There’s a whole host of reasons for this, but let me highlight just one of them.

Today, much of the IT infrastructure we use and a high proportion of our enterprise software is running on Linux, whether it’s on-premise or in the cloud. That’s logical. Linux is a robust, powerful, efficient and generally secure operating system (OS) trusted for even the most demanding business-critical applications.

Of course, even with Linux, there are still weaknesses that hackers can take advantage of. Attacks are often aimed at specific memory locations, CPU registers and other targets by leveraging flaws before they have been fixed and patched.

And therein lies the rub; standard OS deployments create nearly identical builds with uniform resource mappings. This makes it far simpler for hackers to conjure up one approach to hit a huge volume of vulnerable systems.

Shifting the balance of power

It turns out that the way humans manage to survive serious illnesses and viruses in these harsh winter months is also a key factor in thwarting the efforts of hackers. Anthropologist Margaret Mead is often quoted as saying:

“Always remember that you are unique. Just like everyone else.” Genetic diversity is what makes each of us unique. It’s one of the most important protections for the human race against disease and epidemics.

In the same way, ‘Polymorphing’ your OS is the ideal first line of defense against cybersecurity assaults. This is achieved by running Linux through a polymorphic compiler during deployment to effectively scramble the source code. This creates an OS with a randomized and unique resource mapping, making it exceptionally difficult to crack. Each diverse OS instance is effectively immunized against everything in the code-execution, overflow or memory corruption attack categories. That’s a large part of any hacker’s toolbox.

Polymorphing definition

This is the approach we’ve adopted here at Polyverse. We deliver a leading-edge cyber-technology, Polyverse Polymorphing, that builds diversity across multiple system dimensions, increasing complexity and cost for attackers and stopping attacks before they start. It’s currently available for most Linux Operating Systems Not only does it provide our customers with the binary diversity described above, but it also recompiles the entire OS every 24 hours, which takes the level of protection to a whole new level.

Looking ahead to 2020 and beyond

According to industry analysts and forecasters, the risks and dangers from cybercriminals will continue to climb and get more sophisticated. It’s clear that a strong, systematic and multi-layered approach to security is going to become even more critical over time.

The unique diversity and safeguards enabled via Polymorphing your OS should be combined with other proactive defensive measures to lower your security risks and successfully manage these elevated threat levels.

To learn more:

[1] Source: RiskBased Security. Data Breach Quickview Report, 2019 Q3 trends.

[2] Source: IBM. 2019 Cost of a Data Breack Report.

Interested in learning more?

Be the first to hear about the latest product releases and cybersecurity news.

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.