Linux devices 'increasingly' under attack from hackers, warn security researchers
Ransomware groups want to make as much money as possible - that means they're going after more varied targets.
by Danny Palmer @dannyjpalmer, Senior Writer - September 1, 2022
Trend Micro: Defending the Expanding Attack Surface: Trend Micro 2022 Midyear Cybersecurity Report
Ransomware attacks on Linux to surge
Help Net Security - September 5, 2022
Trend Micro: Trend Micro Warns of 75% Surge in Ransomware Attacks on Linux as Systems Adoptions Soared
I'm always sceptical when such warnings are published by companies like Trend Micro, Symantec etc. On the other hand - most embedded systems never get updates. The same is true for many small rented servers (which are also often poorly configured). It's not surprising that they are under increased attack.
Well, that is exactly why so many attacks on Linux probably fly under the radar, it's because most people are skeptical and are quick to call this stuff FUD. Sure these companies are trying to make money, but that doesn't mean these attacks aren't real, unless all of these reported attacks that you read about on a weekly basis are all hoaxes.
You're missing the point: every OS needs security updates. Nobody ever said that Linux is completely immune against attacks as no software is 100% secure. But the well-known fact is that most embedded systems use Linux (because it's free) but never ever receive any updates during their complete "life". Similarly, cheap rental servers are often out-of-date, hardly receive timely updates (if any) and are often poorly managed (weak passwords, insecure permissions etc.). This has nothing to do with OS X being more or less secure than OS Y.
No I did not miss the point, because I never said that this was about OS X being more or less secure than OS Y. I said this way of thinking is a dangerous one, because many people falsely believe that Linux and macOS systems are not under attack and less at risk from malware attacks, because of superior design. They are quick to be skeptical and call this FUD, while it's very likely that all of these attacks that are reported are indeed taking place.
The problem with your argumentation is that you don't differentiate. There are Linux desktop systems on the one hand, and there are Linux servers and embedded systems on the other hand. Linux desktop systems are frequently updated by their users (they receive update notifications nearly every day). Those users can be completely unimpressed by the news about Linux malware. Most of them (latest example here) swagger about the rising risk by Linux malware - and then, in a small sidenote, they mention abused CVEs that were fixed a long time ago. Hence completely irrelevant for all Linux desktop users. It's another story for Linux servers and embedded systems for which what I wrote earlier applies - if they are not updated in a timely manner. Which is practically never the case for embedded systems and sadly, rather often, for many servers. So one should differentiate and not make sweeping arguments.
Yes, but how is this all relevant? Because this topic is about Linux servers, right? And you said that you were skeptical about these reports, so I responded to this. The discussion that some of us had in the past about Windows vs Unix was mostly about if Unix was superior in design in terms of OS security, and I think it's not. Are Unix-based systems less at risk from malware? Yes, because of the smaller market size, they are less often attacked and many people make use of trusted app stores on those platforms, so there is less risk of downloading malware from the internet. Linux servers are however widely used, so I wouldn't be surprised if many successful attacks don't even make it to the news. But this doesn't mean it's poorly designed, same goes for Windows, because as you mentioned, with the right security hygiene, most of the attacks can be stopped.