What You Need to Know About WannaCry Infecting Linux

Several days have passed since WannaCry has wreaked havoc on the world with its clever use of an SMB exploit found within Windows, yet the malware continues making the news with new information and speculation surrounding its origins, its trajectory, and the potential for more massive attacks.

Some local press organizations around the world have even made wild claims about the virus, sometimes going as far as to say that North Korean leader Kim Jong Un is responsible. Wild assertions like these aside, there is one troubling piece of information that caught my attention suggesting that Linux is not immune to the WannaCry infection, and that’s just not completely true.

wannacry-portable

It’s foolish to assume that Linux is completely impervious to attacks. The Titanic was once called an unsinkable ship, yet today she lays at the bottom of the Atlantic Ocean unable to finish the maiden voyage she embarked on in 1912.

The idea that an attack could be carried out on Linux is kind of scary, and the news that WannaCry could infect the operating system has raised some concerns among its users. Some of them were asking whether this is even possible on forums around the Web.

In fact, the effect was strong enough to warrant a post on openSUSE’s blog halfheartedly implying that while it is technically possible for WannaCry to get some privileged access into Linux through WINE (for the uninitiated, that is the Windows emulator), a metric ton of things would have to go horribly wrong for this to happen in the first place. And most of those things would have to be done by the user.

For example, you would have to provide WINE with a way to gain access to your home directory by letting it run with root permissions (e.g. using “sudo” before “wine” in the terminal). Even then, the worst-case scenario is that WannaCry will gain access to the home folder.

As long as you are not running applications like WINE as root and opening WannaCry through it, you shouldn’t worry about being infected. If you run applications as they are meant to run on Linux, they will do so under an enclosed system with certain restrictions. It is generally harder for an application to overstep the boundaries set for it by the operating system than it would be under Windows. You’d have to practically try to infect yourself with the WannaCry worm in order to encounter any effect from it.

wannacry-root

When something running on Linux tries to get the operating system to do something with root privileges, it will ask you for your password. If you’ve used Linux for a long time, you’re probably already used to the password prompt appearing every time you update an application or install a new one. It’s just part of the daily grind. And if you get a password prompt out of nowhere, that should arouse your suspicion.

Just remember that although Linux is an armored tank, you are the driver. An operating system is a tool (this also applies to Windows, by the way), and how you use it largely determines how safe you will be. Yes, Linux does a great job of protecting you from most threats, but it’s only doing seventy percent of the work. The rest of it has to come from your own vigilance.

Use the tool the way it is meant to be used and don’t get complacent. Most importantly, do not rely on convenience to complete a job. Don’t change folder permissions to a higher level than they should be. Do not run applications as root when they don’t need it. Follow these simple rules and you should be fine.

Do you know more ways that Linux users can protect themselves from potential threats? Let us know in a comment!

Leave a Reply

Yeah! You've decided to leave a comment. That's fantastic! Check out our comment policy here. Let's have a personal and meaningful conversation.