Kaspersky introduces support for Linux in the Kaspersky Embedded Systems Security solution. This adaptable, multi-layered product now provides optimized security for embedded Linux-based systems, devices and scenarios, in compliance with the rigorous regulatory standards so often applicable to these systems. The product provides optimum protection for every device it secures against the latest cyber threats directed at today's Linux systems.

A recent Fortune Business Insights' report values the global Linux market at 5.33 billion US dollars in 2021, a figure projected to grow to 22.15 billion US dollars by 2029 with a compound annual growth rate of 19.8%. Highly cost-competitive and able to work across a wide range of hardware, Linux has gained popularity across commercial embedded systems in large businesses and critical infrastructure enterprises, including banks, retail firms and healthcare organizations, and Linux adoption is expected to grow significantly in coming years.

This expanding reach is naturally attracting the attention of cybercriminals who are developing new specialized malware for these platforms. Kaspersky registered more than 14.5 million network-based automated attacks on Linux in the first half of 2023. These attacks, the result of self-distributing malware setting out to spread itself via the network, are a big favorite with attackers out to exploit vulnerabilities in embedded systems. Over the same period, Kaspersky discovered 260,000 new unique malicious files for an average of over 1,400 new files distributed by hackers every day.

Kaspersky now offers a wide range of cyber-protection functions to support the specifics of embedded platforms based on Linux. Rigorous protection for autonomous embedded devices (ATMs, vending machines, etc.) combines with flexibly configured additional layers designed to address the increased attack surfaces of embedded systems with higher power levels, such as computerized PoS and medical systems.

This multi-layered approach to protection means that implementation can be adjusted for specific configurations and deployment scenarios resulting in optimized performance and protection tailored to the relevant threat scenarios for each particular use case. The risk of direct infection attacks on publicly accessible devices is also countered by powerful self-protection capabilities and Integrity Monitoring functionality. In addition, Application and Device Controls prevent attacks based on the use of unsolicited peripherals and applications and the launch of illegal tools. Integrity Monitoring, together with centralized event management and integration with third-party SIEM capabilities, also helps businesses working with valuable and sensitive financial and personal data to meet the compliance requirements and accountability mandated by regulations like PCI/DSS, SWIFT CSCF HIPAA, etc. 

"Today, the number of specialized solutions on the market for protecting embedded Linux-based devices is miniscule compared to what's on offer for Windows-based devices. At the same time, more and more hardware systems manufacturers and developers are going for Linux-based platforms," said Oleg Gorobets, senior global product marketing manager at Kaspersky. "Using general-design apps with Linux embedded devices is pretty risky in terms of security because these systems have their own specifics, as well as high regulatory and data security standards. To meet the increased need for Linux-based embedded systems security, we've created a specialized solution and included it in our Kaspersky Embedded Systems Security product, for free. That means our product can also be easily used in heterogeneous infrastructures, by businesses keen to adopt the new Linux devices while still also running older Windows machines. Just like its Windows counterpart, the Linux-based security application inside Kaspersky Embedded Systems Security is tested on Linux-based embedded platforms and tailored to their specifics. So our customers can fully benefit from powerful but cost-effective architectures, without having to compromise on security."