For many years now, the question of whether Linux users should be running antivirus software or not has been discussed and debated online. While it’s definitely true that malware presents a much smaller issue than on Windows, does this mean Ubuntu, Mint, openSUSE, or any of the multitude of Linux distros get a free pass when it comes to viruses?
Here's what you should be doing to protect your system, and yourself, from the threats online.
What do developers say about viruses?
Linux might be run on a tiny fraction of PCs and laptops, but the vast majority of servers run the Linux kernel. This means that on the enterprise side of things a constant battle is waged between hackers and systems administrators.
Despite this, it seems that the threats home users face are not quite so ominous.
The official Ubuntu website, which holds a wealth of information for the hugely popular flavour of Linux, states the following;
‘Anti-virus software does exist for Linux, but you probably don’t need to use it. Viruses that affect Linux are still very rare. Some argue that this is because Linux is not as widely used as other operating systems, so no one writes viruses for it. Others argue that Linux is intrinsically more secure, and security problems that viruses could make use of are fixed very quickly.
'Whatever the reason, Linux viruses are so rare that you don’t really need to worry about them at the moment.'
Is Linux virus-free?
For the most part, yes, but that doesn’t mean you should be complacent. In 2016 the 17.3 Cinnamon version of Linux Mint was found to have a keylogger infection included if users had downloaded it from Mint’s own download page.
This was due to hackers changing a PHP script in a WordPress installation that the Mint project used. The hack was quickly fixed, but only after usernames, passwords, message and posts were all compromised.
Compared to Windows, or even the Mac, Linux is relatively safe, but as with any device connected to the internet caution is required.
Is antivirus software available for Linux?
Yes. Plenty. While developers will play down the chances of an attack, and are right in many ways, it never hurts to be careful.
Another good idea is to use a VPN when online, as it encrypts all of the data you send and receive from servers.
Easy ways to avoid malware and viruses
The operating system isn't always the issue: users are often targeted as the weak link To protect yourself from those who would seek to steal your data, here are a few basic rules.
Never click on links in emails
This is essential. If you ever see an email warning you that your login details were used, with a provided link so you can check that everything is ok, DON’T CLICK ON IT. The same is true for payments being declined, hacks being detected, or friends saying they’re lost and need money to get home.
In many cases, hackers will use the correct graphics to represent your bank, online store, or other official organisation. These only take a few seconds to pull off the internet and add to an email, all while lending the communique an air of authenticity.
In all cases, open your browser, navigate independently to the site in question (don’t copy the link), and check that everything is ok.
Don’t download or open attachments
Another common vector for viruses and malware is through attachments in email and messages. Unless you’re expecting a document from someone, avoid clicking on anything you receive, even if it’s from friends or family.
When hackers gain access to someone’s account, one of the most powerful ways to infect other is via emails to everyone in the victim’s contact list. The expectation is that these people are likely to open the attachment as they trust the sender. Then, boom, you’ve got a virus.
Should a message with an attachment appear in your inbox, before you open it, contact the person directly to ask whether they actually sent you the document, file, image, or whatever form the attachment takes.
Don’t use the same, weak, password on every account
We know, it’s hard to remember complicated passwords, especially when you should be using different ones for every site and account. But, having weak login details is a sure-fire way to get hacked.
The easiest solution is to invest in a password manager. These are software packages that create complicated passwords, while only requiring you to remember one, master password.
LastPass is a hugely popular service that’s available on Windows, macOS, Linux, Android, and iOS.
For those who want to stick with the open-source nature of Linux there’s also the free KeePass Password Safe.
Hopefully, armed with the software listed above and the tips on how to avoid falling into common traps, you’ll be able to remain free from the clutches of hackers while enjoying the Linux life.