Study: Linux "Most Breached" OS

A security firm endorses OS X and BSD as the world's most secure operating systems, and it names Linux as the most common target of successful online attacks.
Apple Computer's OS X and the open-source BSD operating system provide the "world's safest and most secure" computing platforms, according to London-based security firm mi2g. The report also describes Linux as the world's "most breached" online computing environment, followed by Microsoft's Windows operating system.

According to mi2g, the firm's Intelligence Unit study analyzed more than 235,000 successful attacks against "permanently connected -- 24/7 online -- computers" worldwide between November 2003 and October 2004. According to the study, computers running Linux accounted for about 65 percent of all recorded breaches, while Microsoft Windows-based systems accounted for about 25 percent of such attacks. Successful attacks against OS X and BSD-based online systems accounted for less than five percent of the worldwide total.

"More and more smart individuals, government agencies, and corporations are shifting towards Apple and BSD environments," said D.K. Matai, executive chairman of mi2g. Technology professionals, he said, "don't have time to cope with the umpteen flavors of Linux or to wait for Microsoft's Longhorn when Windows XP has proved to be a stumbling block" due to persistent security flaws.

BSD (Berkeley Software Distribution), which includes three related open-source variants, each with its own source tree and kernel, are frequently used to run Web severs and other types of Internet infrastructure servers. Mac OS X, which uses a proprietary user interface and other extensions built on top of a BSD-based core, has been distributed on all Apple Computer desktop systems since 2001.

In addition to tracking successful system breaches by hackers over the past 12 months, the mi2g study also analyzed data from 459 viruses, worms, and other types of "malware" tracked since the start of 2004. According to the firm, 33 percent of the security breaches targeted home users, nearly 59 percent attacked small businesses, and another six percent targeted medium-size firms. Just 2.5 percent of successful attacks targeted large enterprises, government agencies and non-profit firms. In addition, the report noted that malware attacks overwhelmingly targeted Windows-based systems, failing to cause "any significant economic damage" to Linux, BSD, Mac OS X or other open-source-based operating systems.

The mi2g report also estimated that economic damage from active digital attacks, including distributed denial-of-service (DDoS) attacks, during 2004 totaled between $103 and $126 billion worldwide. Malware attacks, according to mi2g, inflicted between $166 and $202 billion in additional losses worldwide. The firm's loss estimates include help desk support costs, overtime payments, lost business, hardware and software upgrades, data and system recovery costs, and lost productivity.

Editor's Choice
Brandon Taylor, Digital Editorial Program Manager
Jessica Davis, Senior Editor
Terry White, Associate Chief Analyst, Omdia
Richard Pallardy, Freelance Writer
Cynthia Harvey, Freelance Journalist, InformationWeek
Pam Baker, Contributing Writer