Kaspersky raises the red FUD flag over Linux
Russian security firm Kaspersky has published a blog post about the alleged threat to Linux from targeted attacks and so-called advanced persistent threats — code for state-based actors — that falls suqarely into the category known as FUD.
The modus operandi is quite similar to that of many others: create a straw man or two and then lead the reader down a cul-de-sac. Right at the start, there is a dubious statement that says, "Windows is, due to its popularity, the platform for which we discover most APT attack tools."
This is hardly the case; Windows is the target because it is the easiest to attack due to its appalling security. If one goes by popularity, then Android devices would be the most attacked. And even devices running Apple's iOS would be up there, given the popularity of the iPhone. But as we know that is not the case.
The whole post is some kind of general overview of the threats against Linux, though the objective is the same as any other blog posts: to gain publicity for the company and drive its marketing efforts. In this case, raising the fear index around Linux would certainly help Kaspersky which, you never guessed it, is able to protect anyone who needs protection.
The fact that the Kaspersky author — no byline is given for this post, instead it is attributed to the so-called Global Research and Analysis Team for which the acronym GReAT is used — has to reach as far back as 2015 and the company's discovery of the Equation Group, an entity suspected to be affiliated to the NSA, to fill up this post is an indication of the lack of any real current material to justify the central thesis of the post.
Lest the reader assume that Linux is not vulnerable, let me point out that attackers can craft malware designed to attack any system, be it macOS, Linux, Windows, Android, or any of the BSDs.
But the difference lies in the fact that when it comes to Windows there are literally thousands of vulnerabilities whereby one could implant malware; in the case of the other operating systems, it is more difficult to find a weak point.
One is unsure of why this post was made at this time; articles on this blog generally boast of the research of the Kaspersky team, which, to be truthful, is a very skilled outfit with numerous firsts to its name.
No doubt, there will be some who will take the bait and, in breathless tones, write of the threat that faces Linux servers. But it does the reputation of the skilled infosec bunch at Kaspersky little good.
WEBINAR INVITE 8th & 10th September: 5G Performing At The Edge
Don't miss the only 5G and edge performance-focused event in the industry!
Edge computing will play a critical part within digital transformation initiatives across every industry sector. It promises operational speed and efficiency, improved customer service, and reduced operational costs.
This coupled with the new capabilities 5G brings opens up huge opportunities for both network operators and enterprise organisations.
But these technologies will only reach their full potential with assured delivery and performance – with a trust model in place.
With this in mind, we are pleased to announce a two-part digital event, sponsored by Accedian, on the 8th & 10th of September titled 5G: Performing at the Edge.
Gloss