RSSTim Kridel
Why Linux Needs Malware Protection
"This is very embarrassing." So began a post by the developers of UnrealIRCd server after finding that their software was infected with a Trojan. Another example of why enterprises should consider the safe haven of Linux? Just the opposite: The Trojan infected only the Linux version of the server software, but its Windows counterpart was clean.
Although Linux malware is relatively rare compared to attacks on Windows, it exists, and it's steadily increasing. In fact, as far back as 2005, the amount of known Linux malware had already doubled over the course of a year to 863 programs. As Linux's popularity grows among consumers and enterprises, so does its attractiveness to hackers.
In the process, the strategy of security by obscurity becomes less viable. So far, Linux servers appear to be targeted more frequently than Linux PCs partly because there's a larger installed base. The risks aren't limited to servers and desktops, either. One recent example is Backdoor.Linux.Foncy.a, which attacks smartphones running the Linux-based Android operating system. Kapersky Lab calls Backdoor.Linux.Foncy.a "the most striking example of a malicious program used by cybercriminals to remotely control an infected device by sending a variety of commands."
In a sense, Linux malware today is like mobile malware circa 2002: Many businesses, consumers and analysts scoffed at warnings simply because attacks were so few and far between. But as the attacks mount, so does the need for a strategy that's more robust than simply betting that the odds are in your favor.
Developing a Security Strategy
The good news is that many successful strategies from the Windows world are applicable to Linux.
1. Think twice about downloading free software and content
Even when it, the source or both appear innocuous. Ignoring that advice has facilitated hacks such as screensavers that use Ubuntu PCs for distributed denial-of-service attacks. Backdoor.Linux.Foncy.a passed itself off as the "Madden NFL 12" game.
2. Run a Windows antivirus program.
Because Linux PCs are still a minority, there's a good chance that a file is headed for a Windows machine. Windows antivirus software minimizes the chances that the Linux PC or server will facilitate malware's spread.
3. Borrow from Ronald Reagan: Trust, but verify
For example, many Linux users trust Ubuntu's Personal Package Archives. The potential catch is that although there's a code of conduct, there's no guarantee that a secretly malicious signatory won't leverage that trust. Verification could include using only entities that have proven themselves to be trustworthy, or inspecting the files in a package for anything suspicious before installation.
There's also a growing selection of books and Web tutorials for developing an enterprise Linux security strategy. For example, CyberCiti.biz advises: "Most Linux distro began enabling IPv6 protocol by default. Crackers can send bad traffic via IPv6 as most admins are not monitoring it. Unless network configuration requires it, disable IPv6 or configure Linux IPv6 firewall."
4. Explore vendors offering Linux security services and products
There's a good reason why they're worth paying attention to: They wouldn't have those lines of business if there weren't enough threats already out there.
5. Don't let managers and other supervisors blindly sign off on the wireless portion of expense reports
This advice is as low-tech as it gets, but it's also highly effective -- not just for Android malware, but types that target all other mobile OSs, too. Although a lot of malware is designed to harvest credit card numbers and other personal information, Backdoor.Linux.Foncy.a is an example of the types that send messages to premium-rate text message and other data services. By simply questioning why an expense report has an unusually high wireless bill that month, you could catch an infected smartphone before it has several months or more to incur unnecessary charges. In the case of Backdoor.Linux.Foncy.a, only about 2,000 Android phones were infected, but that was enough for the hackers -- later arrested -- to run up an estimated 100,000 Euros in unauthorized charges.
- Hitching Social Media to Humanitarian Assistance
- Google+ Users Happier than Facebook Users
- The Sad, Pathetic Personality of a Computer Hacker
- Securing the Enterprise Better With Encryption Instructions
- Why Linux Needs Malware Protection
- The Sad, Pathetic Personality of a Computer Hacker
- Google Chrome Quickly Becoming Popular Among iOS Users
- App Developers Meet BlackBerry 10
- 11 Free Apps to Keep Your Roadtrip on Track
- Pennsylvania Hospitals Finding Patients on Google and Facebook
- Google Purges Outdated and Redundant Services
- How Much Does Google Stand to Profit From its Nexus 7 Tablet?
- Apple Cooks up DIY iOS Apps
- Clearing the Online App Store Submission Hurdle
- How to Design a Retail App
- Tune It Up: Developing Music Apps
- Nice Gesture, But What Does It Mean
- The Surprising Health Benefits of Texting
- Big Cable's Plan to Lock Down Your Future
- Ready for HTML5
- FDA Seeks to Tame Exploding Medical App Market
- Building a Productivity App
- App Developer Competitions: Worth It?
- Google Announces Nexus 7 Tablet PC
- Microsoft Unveils New Surface Tablet
- Tribute to the TV Remote Control
- The Internet Enhances Beer Muscles
- To App or Not to App?
- Which OS Should You Target?
- Taking a Break from Emails Decreases Stress
- New Facebook Effort Targets Educating School Counselors
- Verizon's High-Speed Internet Collusion
- RapidShare: Megaupload File-Sharing Pirates Are Unwelcome
- Twitter Cuts Two Ways
- China's Cyber 'Predators' Must Be Stopped
- CISPA Lacks Protections for Individual Rights
- CISPA Not the Right Way to Achieve Cybersecurity
- CISPA Effectively Addresses Threat of Cybercrime
- Dawn of the Phablet
Copyright © 2012 Studio One Networks. All rights reserved.
