Conventional wisdom would have us believe that Linux servers are a million times more secure than Windows servers.
On several occasions, I’ve come across tech magazine articles and blog posts that Linux servers do not need anti-virus software because Linux is free from the malware plague that has laid waste to Windows servers and desktops.
Alas, the truth is a different beast according to the security mavens at Sophos.
As we should have long realized, when humans enter the picture there are no safe havens anywhere
Linux Servers – Malware Epidemic
A recent Sophos study of 178,000 newly-infected web servers has brought out some extremely distressing facts about Linux.
When Sophos security expert Chester Wisniewski worked backwards to see what operating system his sample of 178,000 newly infected web servers were running, he found that 80% of the servers in active use by cybercriminals for spreading malware were on Linux.
If this does not strike the fear of God in Linux systems administrators, they ought to seek immediate medical help.
In the course of his investigations, Wisniewski also found that 80% of the infected Linux systems were other people’s computers, i.e. innocent servers were hacked and co-opted by bad elements to provide bandwith and legitimacy for online criminality. So criminals are hitting legitimate businesses by riding on their good reputation and ultimately destroying them by loading their systems with malware and botnets.
Linux Servers – Malware Distribution
A huge worrying fact is that infected Linux computers can serve as distribution points for Windows, Mac, and Android malware.
In theory, a single infected Linux server could compromise hundreds of thousands of Windows desktops with DDOS (distributed denial of service) botnets, ransomware and other malware.
Even allowing for the fact that Sophos might be engaging in some fearmongering to peddle its new anti-virus software for Linux cloud servers, the malware picture on Linux servers highlighted by Chester Wisniewski in a recent podcast is alarming.
It seems infected Linux servers have now become a major conduit for cybercriminals to spread malware far and wide on end users running Windows, Mac or other operating systems on their PCs and notebooks.
Smart systems administrators must quickly understand that as Linux entrenches itself into data centers, cloud servers, web servers, file servers and developer workstations, its appeal to cybercriminals will only grow.
Complacent system administrators, beware! Linux is not a safe haven!