You left Windows behind because of security issues. The sensible option was to move to Linux, famously more secure. But is it as secure as you think it is?

Throughout 2016 we’ve learned of a whole new dimension to Linux. Security threats can occur just as they do for Windows. While old-fashioned viruses might not be a problem on Linux, Trojans, ransomware, and browser security are all issues that you need to be aware of.

So, what are these threats? Let’s take a look.

1. Linux Trojans and Backdoors

Trojan packages usually deliver backdoor access, botnet malware, or ransomware to a computer. But there can’t be any Trojans that run on Linux, surely?

Wrong.

While Linux is largely protected against scripts designed to damage system data by assuming root privileges (viruses and worms), thanks to the robust kernel design, other problems have been encountered. For instance, in August 2016, the Linux.Rex.1 Trojan was discovered. Capable of self-distribution, sending spam emails, launching DDoS attacks and even targeting specific content management systems online, the Trojan is also equipped to coordinate infected machines as a peer-to-peer botnet.

While traditional botnets rely on a command-and-control server (which can be shut down by law enforcement), Linux.Rex.1 is designed to exist autonomously. This allows it to persist and propagate in the wild.

So what can you do?

The best option here is to ensure that your Linux PC has some antivirus software installed. A full suite would be overkill; tools to detect botnet clients, on the other hand, are wise. Two options are open to you here, so use both:

  1. Install ClamTk and ClamAV to scan your Linux PC for any malware, including botnet clients that turn your PC into a zombie.
  2. Use a network monitoring tool (netstat, for instance) to detect outgoing traffic heading to the same unidentified address.
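
As an added illustration of the second step (not part of the original article), this shell function reads `netstat -tn` output and lists remote addresses that hold several connections and are not on your list of identified addresses. The function names `repeated_remotes` and `sample_netstat`, the threshold and the sample connections are all hypothetical and constructed for the example.

```shell
#!/bin/sh
# Added example: count TCP connections per remote address from
# `netstat -tn` style output on stdin. Names and data are constructed.

# repeated_remotes THRESHOLD [KNOWN_CSV]
#   THRESHOLD  connections to one remote address before it is listed
#   KNOWN_CSV  comma-separated addresses you have already identified
repeated_remotes() {
    awk -v min="$1" -v known="${2:-}" '
        BEGIN {
            n = split(known, k, ",")
            for (i = 1; i <= n; i++) allow[k[i]] = 1
        }
        # Only TCP rows that are connected or trying to connect.
        $1 ~ /^tcp/ && ($6 == "ESTABLISHED" || $6 == "SYN_SENT") {
            remote = $5
            sub(/:[0-9]+$/, "", remote)          # drop the port
            if (remote ~ /^127\./ || remote == "::1") next   # loopback
            if (remote in allow) next            # already identified
            count[remote]++
        }
        END {
            for (r in count)
                if (count[r] >= min) print count[r], r
        }
    ' | sort -rn
}

# Constructed sample in `netstat -tn` layout (documentation address ranges).
sample_netstat() {
    cat <<'EOF'
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 192.168.1.20:51514      203.0.113.45:6667       ESTABLISHED
tcp        0      0 192.168.1.20:51520      203.0.113.45:6667       ESTABLISHED
tcp        0      1 192.168.1.20:51533      203.0.113.45:6667       SYN_SENT
tcp        0      0 192.168.1.20:40022      198.51.100.7:443        ESTABLISHED
tcp        0      0 192.168.1.20:40030      198.51.100.7:443        ESTABLISHED
tcp        0      0 127.0.0.1:631           127.0.0.1:48210         ESTABLISHED
tcp        0      0 192.168.1.20:22         192.0.2.10:53311        TIME_WAIT
EOF
}

# Live use: netstat -tn | repeated_remotes 3 "198.51.100.7"
sample_netstat | repeated_remotes 2 "198.51.100.7"
```

An address that keeps reappearing across runs, and that you cannot tie to a service you actually use, is the one to investigate further.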

2. Be Aware of Ransomware

You may know that ransomware requires elevated privileges to install and encrypt your data. And you may know that it is extremely unlikely for this to happen with a Linux operating system.

But it’s not impossible.

We’ve already seen the Linux.Encoder.1 ransomware in 2015, and an increase in Linux-targeted ransomware seems likely, especially given the platform’s prevalence in web servers. While Linux.Encoder.1 had a fatal flaw for the developers (a faulty implementation of the AES encryption system made it relatively simple to crack), such mistakes are unlikely in future.

Staying safe from ransomware, like other malware, is vital. As such, we recommend being extremely careful when installing software from non-official repositories and PPAs. If you have to do this, make sure you check the relevant forums and discussions for any reports of suspicious activity from other users.

3. Physical Theft Remains a Problem with Linux

Do you keep your Linux PC or laptop locked up when not in use? Is it safe? Because if not, you have a potential problem on your hands. A stolen Linux PC might not be particularly attractive to the vast majority of thieves, but if they have the skills to reformat the HDD (or replace it entirely) before selling it on, then your device and data will both be truly lost.

Countering this is as difficult on Linux as it is on other platforms. Perhaps there is a slight difference in the likelihood of it happening (and the potential for an unsuspecting thief to return the device once it is discovered to be running Linux rather than Windows or macOS), but physical device security remains as important for Linux devices as it is for any other.

Keeping it in a car? Make sure it’s locked, secure and out of sight. In the office? Then keep your Linux PC secure with a Kensington locking cable, and protect laptops from theft by securing them in a heavy-duty drawer or cupboard.

At home, the same applies. And if you haven’t already installed the Prey tracking software on your Linux PC, do so. It’s available from www.preyproject.com for Ubuntu and other Linux flavors. Once installed, you should be able to track a stolen computer, and use the information to retrieve or delete it.

4. Dual Booting With Windows

While viruses are unlikely, the data on your Linux PC could be at risk if you dual boot with Windows. Essentially, you’re giving a would-be intruder an additional opportunity to access your PC.

All they need is the username and password to one of the accounts.

Thanks to special software that can be used to read Linux partitions, your Linux data is at risk from unauthorized access to your Windows partition. For instance, as a dual booter, I use DiskInternals Linux Reader occasionally to retrieve files that I need quick access to that are stored on my Linux partition.

With poor security on my computer, anyone could switch it on, find themselves unable to sign into Linux, and try their luck with Windows. If successful (which would naturally require my Microsoft online account, or local Windows account to be compromised) any data stored on my computer would be at risk, regardless of whether it is stored in the NTFS or the Ext4 partition.

In short, don’t assume that running Linux keeps you safe. There will always be a way for cybercriminals to infect or steal data, regardless of the operating system.

And these security issues facing Linux PC owners don’t even touch upon the various issues that have been detected on internet servers, most of which run Linux.

Is your Linux setup secure? Are you concerned about any of these issues ruining your Linux experience? Leave a comment and let us know how you feel.

  1. matega
    February 15, 2017 at 6:10 am

    Who writes such an article and then fails to mention backups (protects from #2) and full disk encryption (protects from #3 & #4)?
    And using Windows to steal Linux data? Oh right, must be a Windows user, otherwise booting a live Linux would be the first thing that pops into their mind.

  2. Oded Arbel
    February 15, 2017 at 5:46 am

    I think it's important to note that both software threats mentioned above are targeting servers - both use flaws in web services to infect the servers running them. It is extremely unlikely these will succeed in infecting users - even if any of them was a serious problem (according to Wikipedia, the ransomware managed to infect at least 10 computers... Oh no...).

    I would be very careful before stating that Linux has any kind of security problem that affects ordinary users that browse the web, write documents or play some games - the situation is light years better than the rampant malware problem in Windows or macOS - if the malware problem in these can be compared to an epidemic, then this article is like looking at a Linux user who coughed a bit and saying "look, look, they are not immune either!"

  3. KT
    February 15, 2017 at 12:13 am

    My dual boot is 2 separate hard drives: Windows 7 on one and Linux on the other.
    The Windows hd has Norton and spybot on it and I only use it for Kodi and Steam and that is it.
    The Linux hd gets all the work/surfing. I use Firefox with ad block plus and ultimate, ghostery, and no script. I'll add that malware scanner to it tonight and a VPN next month.

    Do you think that's enough protection? Thanks.

  4. Martin
    February 14, 2017 at 11:50 pm

    Historic note: The earliest viruses were designed for Unix OSes, of which Linux is just one.

    Also, I wouldn't bother trying to get into the other OS on a multiboot system. Since I have direct access to the console and the BIOS I'd just boot a rescue USB stick and get the data in just a few minutes.
