[throw0101a]

Are there any documented reports of Linux/Unix systems ever being hit by ransomware? Or files on NAS appliances (NetApp, Isilon, etc) being encrypted in a way that is unrecoverable (especially since snapshots can be scheduled regularly)?

Certainly you can steal data from non-Windows systems, so exfiltration attacks are similar on both, but AFAICT, these "we've got your data" style attacks are unique to Windows. If an IT (desktop/laptop) environment was more Mac-heavy, would these be an issue either?

[daveguy]

I had a linux system hit with a virus early 2000s. I had more confidence than linux skills back then and made some colossal blunders to make it happen. But whatever you use as your daily machine, it isn't immune. It's a smaller target, but there is still malware out there for Linux. One of the first widespread computer worms was Unix based[1].

[1] https://en.wikipedia.org/wiki/Morris_worm

PS Edit: Many routers are linux/unix based so it is a much bigger target than a lot of people on this thread are making out. If you have control of a company's routers you are in position to do a lot of damage.

[rb808]

Basically 99.99% of companies and governments use windows so its unlikely to see this happening.

[bromonkey]

What orifice did you pull that stat from?

[jlgaddis]

There was (recently) some ransomware for (unpatched, IIRC) Synology devices.

[HarryHirsch]

Ten years ago or so, our NMR spectrometer was held ransom. OK, it was a completely out-of-date Solaris, not Linux, but if don't use Windows you are not immune.

[mmilgauss]

Linux systems are less targeted because they're less commonly used, their userbase on average knows more about technology and they're inherently more secure.

[zeta0134]

Ha! This got a good chuckle out of me. Check again; this happens more often than you would think in the web hosting business, especially the small to medium business segment. "It's just a website how hard could it be?"

If I had a nickel for every RHEL 5 (yes, 5!) box still running after we begged customers to please, please move to something actually receiving patches...

In theory ransomware shouldn't have as large of an impact, but in practice backups are not a magical wand of "restore website and lose 0 transactions" either. That's assuming the backups are actually configured to grab the correct data, and haven't been silently failing for months...

[mmilgauss]

I meant for people using it as their daily driver operating system (not servers).

Most linux enthusiasts know a bit more/are interested in technology so they would be likely to engage in better security practices than a typical "home user" using Windows. In addition features like package managers and actually functioning permissions systems help as well (how long has Windows had public UAC bypasses?)

Of course you're correct and most servers run linux and get hacked every millisecond otherwise though because they don't keep them updated.

[FDSGSG]

>inherently more secure

What now?