Cyberattacks on Linux? Can they be prevented?

How common are cyberattacks on Linux?
Can we do something about it?

More common than you think. Do not get fooled by the hype:

“Linux is secure, stable, and flexible. It’s the most secure OS in the world!”

Sadly, this has become a marketing slogan and no longer corresponds to reality. It is still true that Linux is better than Microsoft Windows regarding stability and flexibility, but Linux has more or less the same security issues as a Windows system.

An operating system is only as secure as the security habits of its developers and users.

Let’s dive in and see how to counteract cyberattacks, just by taking some steps.

By doing some simple actions you may avert a serious disaster – public shame, getting fired, or even going to court to explain ‘Why was I careless?’, after which it is very difficult to get a new job.

First, some simple stats*. Areas where Linux is used:

  • Web services: 96% of the top 1 million servers are run by a Linux system
  • Smartwatches
  • Aerospace industry
  • More and more workstations and file servers
  • Cloud services are run mostly by a Linux system

Major countries which are exposed to attacks are*:

  • USA
  • Germany
  • China
  • France
  • Hong Kong (not a country as per decree, belongs to China)

Now with the war, these stats could have changed. An active increase in attacks has been noticed.

It seems that unethical hackers have the upper hand and get rich. Did I miss my vocation? Just kidding!

NEVER go that route, because you either land in a grave, 6 feet under, or land in jail for a very long time!

What can be done?

1. During the installation process, use strong passwords.
Many users, privately or at work, still use weak passwords such as these (cracked in less than a second):

“I love you”
“123456”
“qwerty”

Use a password manager (very easy to use). Personally, I use one, and for most web subscriptions I use passwords of over 700 bits (overkill, but easy to set up and to use) – copy and paste!

Or use a long passphrase:
“Yesterday, I went in the evening @19:15 for a swim!”
That is an almost 190-bit password (it takes decades to decode it). Of course, do not use this passphrase. Use something that happened in your life and is secret to you – easy to use and you will never forget it.

A password or passphrase is a PERSONAL item and not to be given to anyone, including your boss!!! If she/he wants it, ask for a Liability Release Form!**

If you give it freely to your boss, it is the same as signing your resignation, or she/he will put the blame on you for any mishap. Do not be afraid: she/he has access to the files you are working on, but with her/his own password, so it is traceable.

2. When you install a Linux or a Windows system, the first thing to do is ALWAYS to update your system:

– Graphical way:

     ‘Software’ → click Updates

– Through the ‘Terminal’:

Debian and Debian-based systems, for instance Ubuntu:

      sudo apt update && sudo apt upgrade -y

Fedora system:

      sudo dnf update -y

openSUSE system:

      sudo zypper update -y

DO NOT FORGET to restart your system! Sometimes it is not required, but I always do it even for minor updates.

3. NEVER open an e-mail attachment if you do not know its origin!

By taking these three steps, you are protected about 95% of the time.

Still want to increase your chances of not getting hacked?

In most Linux systems, by default, the root account is locked. If someone has access to root, she/he can do everything in your system – the ‘god’ of all users!

During the installation, create a normal account with administration privileges. You then put the command word ‘sudo …’ in front of a command and enter your password to get root privileges; after a few minutes without activity, you are logged out of them automatically.

Generally every Linux system has an active firewall – that’s fine.

Another way to trap hackers is to install ‘fail2ban’:

Debian and Debian-based systems, for instance Ubuntu:

      sudo apt install fail2ban -y

Fedora system:

      sudo dnf install fail2ban -y

On openSUSE, just click https://software.opensuse.org/package/fail2ban, download and install it.

Restart your system!!!
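A read-only check of the settings this article relies on (locked root account, active firewall, fail2ban running with at least one jail), added here as an example that is not part of the original article. The function names and the `--run` switch are assumptions of this sketch, and it assumes systemd plus either ufw or firewalld as the firewall front end.

```shell
#!/bin/sh
# Added example (not from the article): read-only checks of the settings above.
# Each parser takes command output as text, so it can be tried on constructed
# samples; audit() feeds the parsers the real output from this machine.

# $1 = output of `passwd -S root`. Field 2 is L (or LK) when the account is locked.
root_locked() {
    state=$(printf '%s\n' "$1" | awk 'NR == 1 { print $2 }')
    [ "$state" = "L" ] || [ "$state" = "LK" ]
}

# $1 = output of `ufw status` and/or `firewall-cmd --state`.
firewall_active() {
    printf '%s\n' "$1" | grep -Eq '^(Status: active|running)$'
}

# $1 = output of `fail2ban-client status`. Prints the enabled jails, if any.
fail2ban_jails() {
    printf '%s\n' "$1" | sed -n 's/.*Jail list:[[:space:]]*//p'
}

report() {  # $1 = label, $2 = "ok" or anything else
    if [ "$2" = "ok" ]; then echo "[ OK ] $1"; else echo "[WARN] $1"; fi
}

audit() {
    r=warn; root_locked "$(sudo passwd -S root 2>/dev/null)" && r=ok
    report "root account is locked" "$r"

    fw=$( { sudo ufw status; sudo firewall-cmd --state; } 2>/dev/null )
    r=warn; firewall_active "$fw" && r=ok
    report "firewall (ufw or firewalld) is active" "$r"

    r=warn; [ "$(systemctl is-active fail2ban 2>/dev/null)" = "active" ] && r=ok
    report "fail2ban service is running" "$r"

    jails=$(fail2ban_jails "$(sudo fail2ban-client status 2>/dev/null)")
    r=warn; [ -n "$jails" ] && r=ok
    report "fail2ban has at least one jail enabled: ${jails:-none}" "$r"
}

# Run the checks only when asked, e.g.: sh audit.sh --run
case "${1:-}" in --run) audit ;; esac
```

A `[WARN]` on the last two lines means fail2ban is installed but not yet protecting anything: the service is stopped or no jail is enabled.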

Voilà, you now have a protection of 99%. If you are hacked, it has nothing to do with you but with the vendor.

If you need more information, help with any of these steps, or want to further secure your server or workstation, do not hesitate to get in touch:

https://digitaltran.eu/#contact


* You may read this article in detail – very informative.

** For more info, read this article.