Linux is 'most breached' OS on the Net, security research firm says
- 11 November, 2004 11:56
According to London security analysis and consulting firm mi2g, Linux is the most commonly breached operating system on computers connected to the Internet 24/7.
The findings come from a recent report by the research firm, which analyzed almost 240,000 incidents of what it calls "digital breaches" of systems connected to the Internet. The firm analyzed these breaches, which included manual hacking attacks as well as virus, worm and other malware propagation, over a 12-month period from November 2003 to October 2004.
According to the research firm's report, Linux accounted for 65% of the 154,846 systems that were found to be hacked. Windows-based operating systems were second, accounting for 25% of the breached systems examined in the study.
The safest systems were those based on BSD Unix, including Apple's Mac OS X operating system. These systems accounted for 4% of the breached systems.
The research firm says those who maintain security code for Linux are challenged by the splintering of the operating system into "umpteen" different flavors [mi2g said "flavours," actually, being a British outfit]. The firm also said the widespread use of Windows, weaknesses in Windows XP, and delays in the Longhorn operating system were responsible for the security faults in Windows systems.
Most of the "digital breaches" mi2g examined came from what it calls "micro," and "small" entities. These include individuals with home PCs connected to the Internet, and small businesses, respectively. These accounted for over 80% of the incidents mi2g looked at. Mid and large-sized organizations made up only 8.5% of the incidents.
Mi2g says it gets its data from "personal relationships" with C-level executives in the banking and insurance industries in North America, Europe and Asia. Other data sources come from monitoring hacker bulletin boards, as well as infiltration by mi2g employees into online hacker groups.
While it all sounds very cloak-and-dagger, and a bit damning to Linux, it seems the "take-away" from mi2g's report may just be common sense: home Linux users and small businesses - download your operating system patches and update your firewall software.