In the world of hacking and mass defacements, Linux is being hacked more often than Microsoft Windows, according to Zone H.

It is going to be very hard to argue with these numbers, Zone H is the repository of many web site and systems defacements or hacks globally. The annual report has become somewhat of a celebrity cause in trying to figure out why we are so bad at securing our systems at the corporate or service level.

In 2007, Linux was hacked some 306 thousand times, while Windows 2003 was hacked only 114 thousand times in the most general of terms. The hacks that Zone H follows are normally mass defacements of web services, so the argument that it is not Linux or Windows can apply, it can be Apache or IIS. There will always be a company apologist somewhere in the lot willing to take on the numbers.

The interesting part (shown later) is that these are general hacks, not application specific.

For application specific hacks you would want to look at the apache numbers of 319 thousand hacks against IIS 6.0 at 113 thousand hacks and IIS 5.0 at 23 thousand hacks the numbers still do not add up to the total number of hacks for apache. What is interesting is how the systems were hacked.

The reasons on this list are all basic, generic, information security issues.

Overall though, Linux total hacks since 2000 at 1,485,280 against Microsoft Windows 815,119 still shows a staggering trend towards insecure Linux installations that needs to be addressed by information security training on the part of system administrators, and security engineers responsible for the security of the infrastructure.

Comments

This entry was posted on Monday, March 31st, 2008 at 10:18 am and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.