General Problems
Operating systems may be attacked in different ways. For example, a copy of an operating system (“OS”) is the same on millions of phones, hundreds of thousands of cars, etc. One way hackers craft attacks is to acquire (buy, steal, and/or borrow) a device or software that is representative of their eventual target. Using that device, the attacker may study the software on the device, a practice known as reverse engineering, looking for weaknesses and vulnerabilities. If a vulnerability is identified that meets certain criteria, it may be possible to weaponize it as an exploit. The exploit is code written by the hacker that utilizes the vulnerability for a specific purpose. The range of purposes includes privilege escalation, data exfiltration, denial of service, etc. Depending on the nature of the vulnerability and exploit, the exploit might be usable against other devices of the same OS and hardware configuration. For example, smartphone jailbreaks are exploits figured out by someone and promulgated through the user community as a toolkit that anyone can use to achieve a jailbreak on their own device. The same principle applies to server OSs, embedded OSs in SCADA equipment, etc.; that is, figure out the attack on one device and levy the attack on similar devices.
In the last 24 months, there have been more than 200 documented vulnerabilities in the Linux OS and Kernel, according to the National Vulnerability Database. Rewriting, patching, etc. may be very expensive.
Vulnerability of Virtualized and/or Cloud-Based Operating Systems
When OSs ran on bare metal, as they did for the first few decades of the micro-computer age, there was structural security in the physical separation between computers. In a cloud environment, this concept of security is challenged, because there is neither physical nor even logical separation between the guest OSs. Even if they ran on separate physical machines, the cloud system centrally manages the allocation of resources, guest OSs, etc. Because many layers of computing, networking, and decision logic sit between the guest OSs' binary instructions and the actual execution on the host system, there are many opportunities for attackers to use the virtualization as a basis for attack.
Vulnerability of Embedded Operating Systems
In some parts of the world, computing has already achieved a degree of ubiquity, with low-cost embedded computers encountered countless times a day (traffic signals, transit communications, building environmental control, point-of-sale systems, smartphones, tablets, wireless networking, security systems, environmental data collection, automotive control systems, and many more).
In the past, the only systems with enough processing power and financial importance to be worth hacking were corporate and governmental IT assets. Today, these systems are everywhere, without even the historical layers of protection from being behind locked doors. Today's embedded systems have a few constraints, each of which has a security impact:
1. Supply chains are managed to reduce hardware costs by fractions of pennies because the eventual sales price of the system is low. Operational security controls (guards, inspections, etc.) add cost to manufacturing that might be avoided in order to maintain price competitiveness. The same cost perspective might impact electronics design by cutting out security circuitry (e.g. trusted platform modules). Attackers could bake themselves into a large swath of commercial products by manipulating a firm's supply chain, electronic components, etc.
2. Large numbers of identical products will be manufactured and they will be relatively inexpensive to acquire. In the days of mini computers, attackers had a much harder time acquiring hardware on which to formulate and test attacks.
3. Decades ago, almost all components of a defense weapons system were entirely proprietary and custom manufactured. The result was that to craft an attack, the attacker needed a piece of the hardware in question, access to which was highly guarded. Today, commercial electronics are increasingly relevant to weapons systems because they decrease design time and testing cost. The military industrial complex needs tools to address the increasing base of commercial software/hardware in sensitive systems because an attacker can easily gain access to subcomponents or other electronics. This allows the attacker to find their way deep into a system by attacking the vulnerabilities of the publicly available systems.