{"id":45,"date":"2022-03-22T17:29:09","date_gmt":"2022-03-22T16:29:09","guid":{"rendered":"https:\/\/digitaltran.eu\/transformation\/?p=45"},"modified":"2023-05-15T11:00:05","modified_gmt":"2023-05-15T10:00:05","slug":"cyberattacks-on-linux-can-it-be-prevented","status":"publish","type":"post","link":"https:\/\/digitaltran.eu\/transformation\/index.php\/2022\/03\/22\/cyberattacks-on-linux-can-it-be-prevented\/","title":{"rendered":"Cyberattacks on Linux? Can it be prevented?"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\"><strong>How common are cyberattacks on Linux?<\/strong><br><strong>Can we do something about it?<\/strong><\/h2>\n\n\n\n<p>More common than you think. Do not get fooled by the hype:<\/p>\n\n\n\n<blockquote style=\"text-align:center\" class=\"wp-block-quote is-style-default is-layout-flow wp-block-quote-is-layout-flow\"><p>\u201cLinux is <strong>secure<\/strong>, <strong>stable<\/strong>, and <strong>flexible<\/strong>. It\u2019s the most secure OS in the world!\u201d <\/p><\/blockquote>\n\n\n\n<p>Sadly, nowadays it became a marketing tool and does not correspond to the reality. It is still true that is better than Microsoft Windows regarding stability and flexibility, but Linux has more or less the same security issues as a Windows system.<\/p>\n\n\n\n<p>An Operating System is as secure as the developer and user take care about their own clean security habits.<\/p>\n\n\n\n<p>Let\u2019s dive in and see how to <strong>counteract cyberattacks<\/strong>, just by taking some steps.<\/p>\n\n\n\n<p>By doing some simple actions you may <strong>avert a serious disaster<\/strong> \u2013 public shame, getting fired, even go to court to explain \u2018Why was I careless?\u2019 where thereafter it is very difficult to get a new job.<\/p>\n\n\n\n<p>First some small simple stats*. Areas used:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li> Web services: 96% of the top 1 million servers are run by a Linux system<\/li><li> Smartwatches<\/li><li> Aerospace industry<\/li><li> More and more workstations and file servers<\/li><li> Cloud services are run mostly by a Linux system <\/li><\/ul>\n\n\n\n<p>Major countries which are exposed to attacks are*:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li> USA<\/li><li> Germany<\/li><li> China<\/li><li> France<\/li><li> Hong Kong (not a country as per decree, belongs to China)<\/li><\/ul>\n\n\n\n<p>Now with the war, these stats could have changed. It was noticed an active increase in attacks.<\/p>\n\n\n\n<p>It seems that non-ethical hackers have the upper-hand and get rich. Did I miss my vocation? Just kidding!<\/p>\n\n\n\n<p>NEVER go that route because either you land in a grave, 6-feet under, or land in jail for a very long time!<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>What can be done?<\/strong><\/h2>\n\n\n\n<p>1.During the installation process use <strong>strong passwords<\/strong>.<br>Many users, privately or at work, still use weak passwords as (cracked in less than a second):<\/p>\n\n\n\n<p style=\"text-align:center\"> \u201c I love you \u201d <br> \u201c 123456 \u201d <br> \u201c qwerty \u201d <\/p>\n\n\n\n<p>Use a <strong>password manager<\/strong> (very easy to use). Personally I use one where in most web subscriptions I use over 700-bits passwords (an overkill but easy to setup and to use) \u2013 copy and paste!<\/p>\n\n\n\n<p>Or use a <strong>long passphrase<\/strong>:<br>      \u201cYesterday, I went in the evening @19:15 for a swim!\u201d<br>Almost 190-bit password (takes decades to decode it). Of course do not use this passphrase. Use something that happened in your life, secret to you \u2013 easy to use and you will never forget.<\/p>\n\n\n\n<p>A <strong>password<\/strong> or passphrase is a <strong>PERSONAL item<\/strong> and not to be given to anyone, including your boss!!! She\/He wants it, ask for a <strong>Liability Release Form<\/strong>!**<\/p>\n\n\n\n<p>In case you give it freely to your boss, it is the same you sign your resignation or she\/he will put the blame on you for any mishap. Do not be afraid, she\/he has access to your files you working on but with her\/his own password. So it is traceable.<\/p>\n\n\n\n<p style=\"text-align:left\">2. When you install a Linux or a Windows system the first thing to be done is ALWAYS \u2013 <strong>update your system:<\/strong><\/p>\n\n\n\n<p>   &#8211; Graphical way:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>     \u2018Software\u2019 \u2192 click Updates<\/code><\/pre>\n\n\n\n<p>   &#8211; Through the \u2018Terminal\u2019:<\/p>\n\n\n\n<p>     Debian and Debian-based systems, for instance Ubuntu:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>      sudo apt update &amp;&amp; sudo apt upgrade -y<\/code><\/pre>\n\n\n\n<p>     Fedora system:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>      sudo dnf update -y<\/code><\/pre>\n\n\n\n<p>     openSuse system:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>      sudo zypper update -y<\/code><\/pre>\n\n\n\n<p><strong>DO NOT FORGET<\/strong> to restart your system! Sometimes it is not required, but I always do it even for minor updates.<\/p>\n\n\n\n<p>3. <strong>NEVER open an e-mail attachment<\/strong> if you do not know its origin!<\/p>\n\n\n\n<p>By taking these three steps, you are protected about 95% of the time.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Still want to increase your chances of not getting hacked?<\/strong><\/h2>\n\n\n\n<p>In most Linux systems, by default, the root account is locked. If someone has access to root, she\/he can do everything in your system \u2013 the \u2018god\u2019 of all users!<\/p>\n\n\n\n<p>During the installation <strong>create a normal account with administration privileges<\/strong>, hence the command word \u2018sudo \u2026\u2019 + password to give access to root privileges \u2013 no activity, logged out automatically after a few minutes.<\/p>\n\n\n\n<p>Generally every Linux system has an active firewall \u2013 that\u2019s fine.<\/p>\n\n\n\n<p>Another way to trap hackers, install \u2018<strong>fail2ban<\/strong>\u2019:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>      sudo apt install fail2ban -y\n\n      sudo dnf install fail2ban -y<\/code><\/pre>\n\n\n\n<p>On openSuse, just click <a href=\"https:\/\/software.opensuse.org\/package\/fail2ban\">https:\/\/software.opensuse.org\/package\/fail2ban<\/a>, download and install it.<\/p>\n\n\n\n<p><strong>Restart your system<\/strong>!!!<\/p>\n\n\n\n<p>Voil\u00e0, your got a protection of 99%. If hacked it has nothing to do with you but with the vendor.<\/p>\n\n\n\n<p>In case you need <strong>more information or need some help<\/strong> in doing all these steps or even to further secure your server or workstation, do not hesitate in taking <strong>contact<\/strong>:<\/p>\n\n\n\n<p><a href=\"https:\/\/digitaltran.eu\/#contact\">https:\/\/digitaltran.eu\/#contact<\/a><\/p>\n\n\n\n<hr class=\"wp-block-separator\"\/>\n\n\n\n<p>* You may read in detail this <a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/cybercrime-and-digital-threats\/linux-threat-report-2021-1h-linux-threats-in-the-cloud-and-security-recommendations\">article<\/a> \u2013 very informative.<\/p>\n\n\n\n<p>** More info, read this <a href=\"https:\/\/www.liabilitywaiver.org\/\">article<\/a>. <\/p>\n\n\n\n<hr class=\"wp-block-separator\"\/>\n","protected":false},"excerpt":{"rendered":"<p>How common are cyberattacks on Linux?Can we do something about it? More common than you think. Do not get fooled by the hype: \u201cLinux is secure, stable, and flexible. It\u2019s the most secure OS in the world!\u201d Sadly, nowadays it became a marketing tool and does not correspond to the reality. It is still true &hellip; <a href=\"https:\/\/digitaltran.eu\/transformation\/index.php\/2022\/03\/22\/cyberattacks-on-linux-can-it-be-prevented\/\" class=\"more-link\">Continue reading <span class=\"screen-reader-text\">Cyberattacks on Linux? Can it be prevented?<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11,4],"tags":[47,70,50,26,28,54,21,23,53,22,43,49,48,61,56,67,64,44,63,68,69,65,52,51,62,40,16,60,19,20,17,59,45,57,29,55,58,41,33,46,66],"class_list":["post-45","post","type-post","status-publish","format-standard","hentry","category-cyber-security","category-linux-systems","tag-amazon","tag-android","tag-apps","tag-business","tag-corporates","tag-creditcards","tag-cybersecurity","tag-data","tag-datacollection","tag-dataprivacy","tag-digitalsecurity","tag-facebook","tag-gsm","tag-hackers","tag-hotel","tag-ios","tag-laptops","tag-linux","tag-linuxlite","tag-macos","tag-mcos","tag-microsoft","tag-mobile","tag-mobilephone","tag-oldcomputers","tag-online","tag-privacy","tag-ransomware","tag-secureyourdata","tag-secureyourlife","tag-security","tag-session","tag-shopping","tag-signal","tag-sme","tag-technology","tag-telegram","tag-threat","tag-vpn","tag-whatsapp","tag-windows"],"_links":{"self":[{"href":"https:\/\/digitaltran.eu\/transformation\/index.php\/wp-json\/wp\/v2\/posts\/45","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/digitaltran.eu\/transformation\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/digitaltran.eu\/transformation\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/digitaltran.eu\/transformation\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/digitaltran.eu\/transformation\/index.php\/wp-json\/wp\/v2\/comments?post=45"}],"version-history":[{"count":13,"href":"https:\/\/digitaltran.eu\/transformation\/index.php\/wp-json\/wp\/v2\/posts\/45\/revisions"}],"predecessor-version":[{"id":60,"href":"https:\/\/digitaltran.eu\/transformation\/index.php\/wp-json\/wp\/v2\/posts\/45\/revisions\/60"}],"wp:attachment":[{"href":"https:\/\/digitaltran.eu\/transformation\/index.php\/wp-json\/wp\/v2\/media?parent=45"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/digitaltran.eu\/transformation\/index.php\/wp-json\/wp\/v2\/categories?post=45"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/digitaltran.eu\/transformation\/index.php\/wp-json\/wp\/v2\/tags?post=45"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}