Diving deeper into the latest Linux vulnerability numbers

A recent report by Russian cyber security outfit Kaspersky Labs says Linux saw the largest gains in malware, viruses and other malicious software targeting the operating system, compared to other non-Windows, Unix-based operating systems. Statistics from the report – titled “2005: *nix Malware Evolution” – show that there were 863 malicious programs targeting Linux in 2005, a jump from 422 in 2004.

“The almost 100% increase on last year’s figures shows that virus writers are almost overwhelmingly targeting systems running Linux,” writes the report’s author, Konstantin Sapronov, a member of the Kaspersky Labs team.

To compare, the number of FreeBSD viruses and malware examples written specifically for the operating system went from a mere 16 in 2004 to 19 last year. Sun’s Solaris OS and all other combined Unix platforms grew, 200% and 46% respectively; however, their totals for 2005 were insignificant. (Sun went from 5 viruses in 2004 to 15 in 2005; combined Unix’s jump was from 47 to 69.)

To put all of these numbers in perspective, other security monitoring firms count the number of Microsoft-targeted viruses at around 11,000 to 12,000 in 2005. One reason the Kaspersky report attributes to the high number of malware targeted at Linux (vs. other “*nix” platforms) is that Linux is more widely used as a desktop platform than any of its non-Windows counterparts. Hackers typically go after machines that come into contact with human beings, not boxes humming away in data centers.

But the most obvious reason for Linux’s score in the malware report is in Sapronov’s summary: “As for other Unix platforms, the situation is even quieter. However, this is understandable,” he writes. “After all, other Unix platforms cannot compete either with Linux or Windows in terms of popularity.”