LinuxSecurity Founder Dave Wreski said: "Although it may be easy to blame the rise in attacks targeting Linux in recent years on security vulnerabilities in the operating system as a whole, this is simply not the truth. The majority of exploits on Linux systems can be attributed to misconfigured servers and poor administration."
Joe McManus, Director of Security at Canonical, said: "Linux and, particularly Ubuntu, are incredibly secure systems but, that being said, it is their popularity that makes them a target."
Ian Thornton-Trump, a threat intelligence expert and the CISO at Cyjax, added: "From an economic and mission perspective, it makes sense for a threat actor to invest in open-source skills for flexibility and the ability to target the systems where the good stuff is happening."
The argument is that Linux is still secure, threat actors are not as keen to take it on and are l directing the majority of their attacks at proprietary operating systems. But there are still issues with Linux security.
A new report by BlackBerry's report shows that security solutions and defensive coverage available within Linux environments are "immature at best". Endpoint protection, detection and response products are inadequately utilised by too many Linux users, and endpoint solutions available for Linux systems are often insufficient in combating advanced exploits.
BlackBerry Chief Product Officer Eric Cornelius said: "Security products and services that support Linux, offerings that detect and give us insight into a threat like this, are relatively lacking compared to other operating systems, and security research about APT use of Linux malware is also sparse."
Then there is another issue. If Linux security issues are caused by poor configuration and administration, is this due to the fact it is as user friendly as a Great White Shark and more work is needed on its interfaces and other things which make administration easier.