By: Isaac Msiska
For decades the Linux operating system has been considered impenetrable to viruses and a hard shell for malware developers to crack. Two arguments have reverberated across the Linux walls: that Linux's minority OS market share discourages malware developers from targeting it, and that the OS's primary security setup restricts root access and keeps viruses from auto-executing. The belief, all along, has been that Linux cannot, and to a certain extent will never, be infected by a virus. IT professionals idolized the penguin logo and treated Linux as the messiah of OSs.
But the truth is more complicated than that.
Like any other OS, Linux is not immune to viruses. It is sheer naivety to think that one is safe from viruses because one's PC runs on the Linux kernel. The malware landscape has changed. Malware developers are switching gears and speeding towards the Linux lane. Only by keeping abreast of the changing landscape and understanding what is trending in the virus realm can users develop protection mechanisms to shield their Linux systems from preying malware.
What exactly is going on behind the virus curtains?
Linux malware is on the rise
The Windows operating system leads the pack, with a staggering 57.76 million pieces of malware identified for the OS in 2021, as estimated by av-test.org, which records digital malware. But that does not mean Linux is a saint. Contrary to popular belief, the level of malware targeting Linux systems is rising at an unparalleled rate. Malware developers are shifting their gaze to Linux and gradually innovating their threats by creating malware that specifically targets the open-source OS.
In 2015, HP’s Cyber Risk Report projected that the Linux OS accounted for 35 percent of all malware. And in 2020, IBM said the risk had escalated. The IBM X-Force Threat Intelligence Index stated that 56 new families of Linux malware were discovered in 2020. This is the highest ever for Linux and far more than the level of innovation found in other threat types. It also signifies a 40 percent year-over-year increase from 2019 to 2020. To a loyal Linux follower who has been blinded into believing that the OS is a virus detergent, this should be enough to trigger the instinct to be cautious. These are not the days to sleep on the job and wrongly think that your Linux operating system will easily thwart any virus attack leveled against it even if the security is lousy.
Ransomware never sleeps – and it is coming for Linux
Ransomware is undoubtedly the most prolific and rapidly progressing malware of the digital age. The IBM X-Force Threat Intelligence Index indicates that ransomware continues to be the number 1 threat type and represented 23 percent of the cyber-security incidents that IBM handled in 2020. Ransomware made its debut headlines on the Windows platform and had an almost zero presence in the Linux domain, but the scenario has made a dramatic U-turn. Malware programmers are twisting their code to create ransomware that can ravage Linux systems. Variants of ransomware that were prevalent on Windows systems are now being detected on the Linux OS. In 2020, researchers at Kaspersky Lab made a startling discovery when they found a new file-encrypting Trojan intended to encrypt data on machines controlled by Linux-based operating systems. The threat was actually a Linux build of RansomEXX, a previously known family of Windows ransomware.
Linux ransomware developers have upped the ante and are making millions of dollars in profit while causing record-high damages with their attacks. A ransomware gang known as REvil made an estimated $23 million or more in profits and made away with 21.6 terabytes of data from Linux attacks in 2020. Keen followers of cyber-security news will relate this to one of the most high-profile attacks on Linux servers, in 2017, when a South Korean web hosting company, NAYANA, had 153 of its Linux servers attacked by the Erebus ransomware. NAYANA had a rude awakening: more than 3,400 websites it hosted were encrypted and the company reportedly paid $1 million in bitcoins to regain control of its servers.
IBM affirms that the attacks on Linux systems will persist, making it quite clear that the worst is not over.
Time to up the Linux security game
Swatting threats of virus attacks against an operating system, Linux or otherwise, depends on having accurate, up-to-date information about their modus operandi. Advance knowledge about viruses will help you keep your system clean and put you on a viable war footing in the malware wars. There are several ways to shield your Linux baby from the dangers posed by ransomware, worms, or other types of horrendous viruses, but the following few strategies will give you a head start.
Patch, patch, patch
There is a good reason that Linux developers release regular patches and system updates to the operating system. The idea is to patch notable loopholes that would give potential malware the leverage to wrest the Linux system from your control. Downloading and installing such patches and system updates keeps you ahead of the game, adds an extra layer of protection to the Linux OS, and raises your security level a notch higher. Unpatched OSs present open doors that put your system in harm’s way.
Stick to official repositories
Linux distributions come with official repositories from which users can download updates or add-on software for the distros. Software downloaded from official repositories gives the Linux user assurance of safety, since the repositories are managed by developers who are responsible for security and maintenance. Some software is found only on random sites on the ‘wild wide web’, and while it may be tempting to opt for such unofficial repositories, it is best to stay away. Installing programs from outside the official repositories opens the Linux system to unknown attacks because there is no telling what malicious code may be lurking under their hood.
Use anti-virus software
Multiple sources online argue that Linux users do not need to install an antivirus. However, many antivirus products exist for the OS, which simply proves that software developers have realized the need to have an antivirus for the system. If you are keen on installing anti-malware on your system, you can pick from the numerous antivirus products available for Linux distributions, such as ClamAV and Sophos.
To wrap it up
Linux remains a very secure OS, but it is not immune to malware. Virus developers are increasingly making targeted attacks on the OS and are setting up shop in the Linux universe. The rate at which Linux-based viruses are rising only cements the fact that Linux users are no longer safe.